Major Vulnerabilities In Internet of Things


 

The Internet of Things has gone from being a futuristic-sounding buzzword to a real trend in networking. But Alcatel-Lucent's Bell Labs' Jim Gettys recently spoke at MIT about real vulnerabilities in the connected devices users happily install in homes, cars and offices.

According to Gettys, people have gotten used to the idea of “throwing away a PC.” Many users replace phones after only a couple years; laptops and computers hardly ever last more than a decade. Gettys expects the Internet of Things devices to be different.

“We’re beginning to build computers that are on the network and that may have a much longer lifetime,” Gettys told CRN.

The major problem stems from having outdated software. Right now, according to Gettys, people purchasing Internet of Things devices usually already have software that is two years out of date in comparison to technology churn.  End users are unaware of updates they should be making in order to keep devices and computers secure.

The big vulnerability comes down the line. “Right now the processes for how these technologies get built is very poor compared to industry practices,” Gettys said. Gettys talked about the “mono-culture” in the supplier world, which operates on a per-company basis. That means that a user could very easily buy an Internet of Things device today, forget to update it, and need to replace it in 15 years simply because the company they bought it from went out of business and there are no more experts with knowledge of the device. Even worse, missing several years of updates with a connected device puts an entire network at risk for hacking.

Gettys said it is the responsibility of networking companies to streamline the update process, but “it’s going to be hard.” And in the end, if no one takes on the challenge, “the user ends up holding the bag,” Gettys said.

PUBLISHED JULY 7, 2014