BreachAlarm

Blog

Security and the Internet of Things

• in categories: advice, news • by: Michelle Balestrat

Every time you get in a car, you’re putting your life in your own hands.

A 2014 Jeep Cherokee.
A 2014 Jeep Cherokee, the model used in WIRED Magazine's security experiment.

But how about putting it in the hands of the Internet?

The latest Jeep hack shows that the popularity of Internet-enabled devices now extends to our roads, and it’s not all modern convenience.

Hackers are keeping up with trends in embedded technologies, continually looking for new ways to exploit these newly-accessible items.

An Industry in the Slow Lane

As connected devices take to the road, it’s becoming apparent that security is a big step behind. According to a 2014 report by HP, “Internet of Things Research Study”, up to 70 percent of Internet-enabled devices contained vulnerabilities involving password security, encryption and permissions.

While a hacked toaster might sound trivial (if not somewhat annoying), a hacked car holds even more dire consequences – namely, the ability to maim and kill.

Recently, Chinese hackers found themselves able to take command of many key functions of a Tesla Model S – headlights, wipers, sunroof, door locks and horn, presumably via its mobile app.

As this month’s WIRED Jeep demonstration showed, total control can be enacted on the vehicle from many miles away. Perhaps the most worrying is the ability to turn off the car’s engine, steering, brakes and other vital functions.

According to an HP study from 2014, the top security flaws of connected devices included collecting user information, failing to use passwords, or having insecure firmware or web interfaces.

Stemming the Influx

So, what is being done about Internet of Things safety? Well, sadly – not much. Even though Jeep has issued a patch for the issue, it’s not entirely known how many Jeep and Chrysler models might be affected.

Moreover, you can’t help but feel that this patch is merely a band-aid for some of the wider-reaching implications on the entire automotive industry.

The reasons for these security blunders are disappointing, but telling. Many Internet-connected products have yet to reach a truly wide audience, leading developers to disregard the importance of security.

Even well-established organisations often fail to spend adequate time or resources on security, let alone the tiny startups who make up a large faction of Internet of Things companies.

Eventually, though, we will reach a point where security can no longer be ignored, perhaps even becoming a barrier to the widespread adoption of connected devices.

Are you an early adopter? If so, ensure your Internet-enabled devices are always running the latest firmware, keep your user account (if your device has one) protected with a strong password, and change any default settings your product came with when you purchased it.

Boost your breach protection!

Email Watchdog

Guard your online accounts.
  • 10 and 50 email packs available.
  • Detailed breach notifications.
  • Watchdog Update email newsletter.
  • Priority email support.
Learn More

Business Watchdog

Protect your company’s accounts.
  • Protect all email addresses in your domain.
  • Detailed breach notifications.
  • Exclusive access to your domain’s breach status.
  • Watchdog Update email newsletter.
  • Priority Email Support.
Learn More
Browse all posts
Avalanche Technology Group