Facing the Challenges of Securing Connected Devices

On the heels of the largest known hack on connected devices, cyber security is front and center in the thoughts of many consumers and a top priority for device manufacturers.

While many manufacturers have made security a cornerstone of their product, hackers can exploit the weakest link in the network, and once inside they can wreak havoc. But what is at stake? Can hackers really do damage with my web connected coffee maker?
Turns out the answer is yes. According the Ponemon Institute, in 2014 the personal information of 110 million Americans -- roughly half of the nation's adults were exposed by hackers. Experts say that this information was used in an exponentially greater number of adjacent cybercrimes like fraud, theft, and extortion. In the case of IoT devices, like the ones breached in the most recent large scale hack, network security experts believe the goal was most likely to create a bot net to perform actions like denial of service (DDoS) attacks that prevent a web service like a website or Netflix from being accessible by flooding it with requests, however; many admit that this is purely speculation, as the identity of the hackers is currently unknown.
Today, nearly three quarters, 73 percent, of all Americans have fallen victim to some type of cyber crime. The number of people falling victim to identity theft in the Western Europe and the UK has risen by almost a third. In Japan, the number of reports of possible online crime have increased 40% over the previous year, according to data from Japan's National Police Agency. These areas also happen to be the top purchasers of consumer connected devices according to Statista, making them a target rich environment for hackers.
As manufacturers, the code we write into our products become the first line of defense. The technologies we implement are the walls that would be hackers crash against. For our part, Core Brands products using the ELAN Control Platform, feature 256 bit encryption on servers that provide secure connections to the outside world. Many others in the professionally installed side of the IoT world have strong security as well, but it only takes one device in a chain to fall prey to a nasty root kit, and the whole extensible network could be compromises. 

So how do Integrators know what technology to trust? One way is to look at the manufacturer’s training. When taking the ELAN certification class, a large part is spent securing the system. This focus is to make sure that the integrator’s customer is protected. If the manufacturer’s training offers nothing from a security standpoint, chances are, it’s not one of their priorities. Details like setting up user names, passwords, and IP security settings are telltale signs of a secure system. It also helps to familiarise yourself with the technology the manufacturer is using. Some lesser known wireless connectivity technologies like Thread, are increasing in popularity an offer a level of security that far surpasses its predecessors. Ultimately, if an integrator does not know if the products they are installing are truly secure, they should ask the manufacturer how their device is secure.

Chris Bundy is marketing manager of Control Brands at Core Brands.