TechRadar Pro asked five experts: "Is the UK ready for IoT?" Of those five, four came back with security concerns. More specifically, whether or not developers are building in security to IoT related devices and if the government should legislate to make security mandatory.
Heledd Lloyd Jones, partner and Information Governance team lead at Blake Morgan, explained to TechRadar how security for IoT devices simply isn't top priority for developers: "Anecdotally, it appears that in many cases cyber-security will have been an afterthought because the need to address security risks has not been obvious to developers at the design stage.
"For example, while the incentives for hacking into bank databases and military defences are self-evident, the motivation for hacking into domestic baby monitoring devices, pacemakers, and refrigerators are not so obvious. However, the risks posed to health, safety, wellbeing and commercial reputation by hacking and program malfunction where smart devices are used in context of healthcare provision and energy and transport infrastructure are plainly considerable."
Others experts echoed Jones' comments. Dave Larson, CTO of Corero Networks, explained that DDoS attacks (distributed denial of service) could become more common because of the increased number of internet connected devices in an IoT city.
"In the case of DDoS attacks, the reality is that any device, infrastructure, application etc, that is connected to the internet is at risk of attack, or even more worrisome, to be recruited as a bot in an army to be used in DDoS attacks against unsuspecting victims."
Larson continued: "It is almost unthinkable to consider the scale and destruction that could be perpetrated by exploiting even a small fraction of the anticipated billions of IoT devices that will be deployed in the coming years."
Ready or not...
Larson's chilling vision of the future where billions of IoT devices are utilised as bots for DDoS attacks is, probably, rather far-fetched. But clearly there are security concerns about how well protected these devices will be, and how they'll be supported once deployed. Will every manufacturer offer some sort of 24/7 IT support for their individual device? Or will the government have to build a facility just to manage the security of all these devices? The latter is more probable.
But what's most concerning is the fact that these are serious concerns that could stop a countrywide IoT rollout in its tracks. Yet there isn't much noise being made from Whitehall about how these issues will be tackled, just plenty of predictable pleasing soundbites that barely scratch the surface of what needs to be done to ready the UK for IoT.
- You might also want to read: Why organisations should approach the Internet of Things with caution
