Even Congress has weighed in on this particular danger. On February 9, Senator Edward J. Markey, D-Mass., released a report claiming the automotive industry was not even close to securing its vehicles from cyberattacks. Almost all cars currently being sold have wireless technologies, the foremost application of which is to connect tire-pressure monitoring devices to the brains of the car. Yet, few manufacturers had taken steps to prevent remote access, the report concluded.
Vendors pay spotty attention to IoT security
Candid Wueest, principal security engineer with Symantec and the author of the Symantec report, stressed that often there is little consumers can do about IoT security, except to urge vendors to take it more seriously.
"Vendors are saying that they could implement security, but no one is asking for it," he says. "So, if no one is going to pay for it, it is not on their list of priorities."
David Grier, an associate professor of International Science and Technology Policy at George Washington University and past president of the Institute of Electrical and Electronics Engineers (IEEE), echoed Wueest's expectation that the industry would be reactive rather than proactive. "Everything in security in the past has required an incident," he says. "That gets people focused on the issue. At some point, you have to not only demonstrate the nature of the problem, but how it hurts."
Sign up for CIO Asia eNewsletters.