News

The latest IoT security news

Published Monday 4th February, 2019

Most personal users and companies are pretty hot on security for their laptops and PCs, but the latest research suggests that IoT security is still somewhat lacking.

With Dutch software company Gemalto publishing a study revealing that 52% of worldwide companies surveyed cannot detect breaches in security in their IoT devices, we take a look at some of the latest developments in this critical area.

The need for IoT security guidelines

If we dig a little deeper into Gemalto's study we can see that the vast majority of the 950 companies surveyed are looking for the governments of the world to create regulations that are consistent and uniform – after all, the entire point of the Internet of Things is that it’s a worldwide network.

Regulations that are simple, clear and effective are needed right now before it’s too late and security breaches get out of hand.

Security needs to be taken seriously

If regulatory bodies require any further proof that this issue needs dealing with right now, another study by cyber security firm Dark Cubed, and IoT service provider Pepper IoT, should make them take notice. They took a dozen off-the-shelf consumer smart devices and installed them: within a very short time period, the registered personal details and data began spreading around the world to areas highlighted as potentially problematic, with every device allowing dangerous permissions.

It seems clear that IoT security hasn't been taken seriously by either retailers or manufacturers yet, and unless the platforms used are regulated and secure it’s almost impossible to keep personal data safe.

Even more alarmingly, Karama Security - a company that installs security on connected cars ECUs - has revealed that its 'honeypot' ECU, designed to determine the potential for security threats, was subject to 300,000 attacks per month over the past three months. Their findings show that the automotive industry needs to deal with this before the mass roll-out of driverless vehicles, because the risk of hackers taking control of cars, obviously, has potentially life-threatening ramifications.

Good news from Oracle

The latest version of Oracle's Java Card (Version 3.1) has just been released, and it's good to see that it includes some impressive security updates that make it a great solution for your IoT-enabled devices. As mentioned above, a secure platform is the foundation for improved IoT security, and Java Card 3.1’s new measures allow for more flexibility and hardware-based security.

With the Internet of Things' growth likely to be one of the most impressive technological wonders of the next couple of years, it’s also clear that security is both critical and a huge growth market. In fact, the North American market alone is set to increase by 25% per year up until around 2023, and as the European market grows, we’re likely to see similar trends here too.

As with all new tech, we’ll be watching how IoT security develops over the coming 12 months, and we’ll keep you informed of all important updates and news.

LMFLMANatWestGoldman Sachs