I believe that in a few years time, the IoT will be widely adopted in Asia to help address the problems the region faces such as population growth and population density. The IoT will enable the region to be more innovative when it comes to allocating energy resources, electricity and water.
Recently, security researchers Proofpoint announced that between 23 December 2013 and 6 January 2014, a 100,000-strong botnet sent out more than 750,000 malicious email communications with more than 25 per cent of the volume sent by things that were not conventional laptops, desktop computers or mobile devices. Could you shed some light as to how this happened?
The main reason for this attack is that the appliances were being exposed to the technology that they were not built for. Most devices that we have today might be running on technologies that were developed 20 years ago. Thus, connecting them to the Internet without ensuring that they are compatible might have exposed them to vulnerabilities. I believe that as the technology used in smart devices matures, the security aspect of it will improve too.
What security problems do spam pose?
Spam started off being emails containing advertisements for products. However, spam emails today might contain malicious hyperlinks which could cause your computer to become a botnet or zombie system when you click on them. This is dangerous because the end user will not know that their computer has been compromised. Therefore, spam today not only clogs up the user's inbox but is used a way to propagate malware.
Besides spam and malware, what other security concerns does the IoT face?
Since smart appliances will be interacting with each other over the web protocol, they are likely to face the threats related to the Internet. Most of the threats the Internet is facing today are sophisticated and transparent as far as the user is concerned and this is likely to continue considering the development around it. Users perhaps should thus invest in app or web app security as they increasingly adopt smart appliances.
Organisations offering smart appliances will also face the issue of data protection. As smart devices will be collecting massive amount of data, these organisations need to have solutions and policies to protect that data.
Should security solutions be embedded in the appliance or installed on the networks?
It is always good to have inbuilt security but due to production timeline, it might not always be possible for a manufacturer to secure an appliance as much as possible with embedded security. Thus, while the manufacturer develops patches or hotfixes, using abstract security solution (security outside the appliance) could help protect the appliance. However, an appliance will never be 100 percent secure even if it contains inbuilt security and uses abstract security solutions.
Sign up for CIO Asia eNewsletters.