Every object you see around you, which works on electricity or can be connected to electricity — is a potential Internet of Things (IoT) device. Be it a phone or a watch or a camera or a fire extinguisher or a baby monitor, all of these will, one day, connect to the net.
According to Gartner, more than 20 billion devices will connect to the internet by 2020 — and along with it comes privacy and security issues.
For instance, in 2017, more than 500,000 IoT devices like video cameras and digital video recorder connected to internet, were infected with the ‘Mirai’ malware. The malware created a network of botnets which brought down services of Twitter, Netflix and Amazon among others.
Speaking to TheBigScope about challenges that IoT world brings in, Deborah Housen-Couriel, an Israeli attorney specializing in cybersecurity law and regulation, says that governments and private companies are beginning to wake up to issues of IoT security.
“Its difficult to create policies around IoT devices as the type, design and usage of such internet connected devices changes every other month. Governments need to bring in more robustness in policy design for IoT devices,” says Housen-Couriel.
Housen-Couriel also points out that cyber security for IoT is a cat-and-mouse game and lawyers, public servants and private companies should debate more to figure out ways to amend current laws for cyber security. “You cannot have one make law for cyber security and sit tight. The world of cyber attacks changes every week. Its a long continuous battle with constant need of iterations to policies.”
If companies do not adhere to making changes to privacy and security, then anything from a coffee machine to industrial systems can be hacked. Apart from making robust policies, companies which manufacture IoT devices need to send regular updates.
Unlike PC manufactures who send regular updates to secure your system, not all organizations send across updates to their IoT devices on a regular basis and running a internet connected hardware without updates makes it vulnerable to hackers.