Hacking the Internet of Things for Good.
Today, technology enhances our lives in ways that only a few years ago would have been considered the realm of science fiction - from voice-activated electric cars to wireless-enabled thermostats. Our appetite for new things is driving a renaissance in embedded computing and a revolution in networking.
Everyday objects are being transformed by the addition of sensors that enable them to interact with the world, processors that enable them to think about it and network interfaces that allow them to talk about it. As they connect to each other, sharing what they see, hear and know, these new intelligent, thinking devices are driving a second Internet Age. The Internet of Things is rapidly outstripping the Internet of PCs. By June 30, 2010, there were approximately 1.9bn computers connected to the Internet. By contrast, in 2012, there were close to 10bn connected things.
The benefits that these intelligent, connected devices bring to our lives are almost too numerous to count. However, when we gift these things with intelligence and senses, we also fundamentally change their very nature. Mundane objects, once familiar in appearance and completely unremarkable from a security perspective, suddenly become the guardians of sensitive data, ranging from sensitive financial information to detailed telemetry about personal aspects of our lives. The traditional thermostat hanging on an office wall held little attraction to cybercriminals. A connected thermostat-that can tell whoever controls it how many people live in a house, what technology connects to their network, and, most seriously, when the house is unoccupied-is an attractive target. A new connected thermostat that could be forced to cooperate with a million of its brethren could also pose a credible threat to the national electric grid, becoming an item of interest to terrorists. As we change the nature of things, identifying vulnerabilities and managing updates quickly and efficiently will be paramount. Connected things need to be treated like software when it comes to security. Lookout examined two case studies that play out different versions of vulnerability management-the good, and the bad.
Read more ....