Is the Internet of Things impossible to secure? Part 1

The use of Internet of Things (IoT) technology is growing rapidly as more consumers and businesses recognise the benefits offered by smart devices. The range of IoT hardware available is huge, including everything from smart doorbells and connected kettles to children’s toys. What’s more, this is not only limited to smart home tech for consumers. IoT sensors are being increasingly used by businesses of all sizes across numerous industries including healthcare and manufacturing. However, despite its life-enhancing and cost-saving benefits, the IoT is a security minefield. So, is it even possible to secure the IoT?

This was one of the themes discussed at this year’s Mobile World Congress (MWC). IoT technology featured heavily at the trade show, with connected items ranging from a passenger drone to the next generation of smart city technology, and IoT security taking centre stage. One session focused on how blockchain might help to secure IoT devices in the future. Best known as the backbone of cryptocurrency Bitcoin, blockchain is a shared ledger where data is automatically stored across multiple locations. The indisputable digital paper trail makes it ideal for financial applications, but it could also be applied to IoT.

IoT devices increase the amount of entry points into a home or business network, which in turn could give hackers access to devices such as computers that contain sensitive data. Using blockchain technology could reduce the risk of IoT devices being put at risk by a security breach at a single point. By getting rid of a central authority in IoT networks, blockchain would enable device networks to validate and protect themselves. For example, devices in a common group could potentially stop or alert the user if asked to carry out tasks that appear unusual, such as being commandeered by hackers to carry out Distributed Denial of Service (DDoS) attacks.

IoT security and drones

Also highlighted at MWC was the importance of securing IoT technology for use by drones. Drone technology is a rapidly emerging sector within IoT and the risk of hacking could not only cause a data breach, it could also pose a major risk to public safety. Thanks to their versatile application and access to real-time data, commercial drones are used across a wide variety of sectors including agriculture, military, construction and have even been used to deliver packages, while consumer drones have also grown in popularity in recent years. However, as with many IoT devices, security is often an afterthought leaving many drones vulnerable to hackers.

If a drone’s own telemetry data is accessed, hackers could take control of it while in the air. This could place people in physical danger if the drone was purposely crashed or hijacked to carry harmful substances such as explosives or chemical agents. A hacked drone could also be used for spying through onboard cameras, or malware could be installed enabling hackers to strip out sensitive data collected by the drone, including pictures and video.

While there is an increasing amount of drone legislation being introduced, much of the focus is on airspace and where drones are allowed to fly. However, the importance of securing the network that drones submit data on should not be underestimated.

In part two of this blog post we will discuss why securing IoT devices is such a monumental challenge.

Read more about securing the IoT here.