Current Filter: Network>>>>>News>

   

As I try to make sense of the gargantuan volume of news, claims, assertions and downright rubbish that comes across my desk, I realise that it's too easy to get taken in. IT marketing machinery is effective at drawing attention to its subject, often a product or service, and it has proven adept at hijacking the latest TLA (three-letter acronym) to its own ends. The effectiveness and usefulness of IT marketing has improved radically and now respects that IT and networking professionals are not daft.

The latest TLA is suffering from an identity crisis and it needs medical assistance, perhaps even surgery. It cannot decide if it is the Internet of Things (IoT) or the more grandiose Internet of Everything (IoE). What I will call the Internet of Stuff (IoS) so as to avoid any simplification, is already with us, even if some of the examples are bizarre. The day I need an internet connected spoon or fork is the day that I disconnect my Router!

IoS connectivity is already with us in our cars, our kitchens, and even on our wrists, and the perceived need and desire can cast a large shadow over the security, hygiene and basic common sense of network management. The former, security is far too often - especially in the past - subjugated to a to-do list item, and at best running way behind what is needed.

We know that a persistent and moderately talented cyber-criminal only needs one point of weakness to create a network foothold where they can build a base camp to explore, forage, steal and deprive. The potential damage to individuals and organisations can mount into complete and extensive devastation. Beecham Research has announced an IoT study and naturally, I think they need to apply scientific rigour and adopt a more suitable acronym.

The report asserts that that there is insufficient security within emerging IoT standards. One of the report authors, Professor Jon Howes says, "While we may have some visibility of potential attacks… we need to protect [deployed] IoT devices for 10 years or longer…"

Before IoS, network management for even small networks was complex enough that some automation was essential, and the market offers some affordable solutions. How will an average home embrace this with perhaps hundreds of connected devices, and what about the home/business link?

IoS security is more complex than system designers may realise and Beecham thinks the answer is architectural for devices and systems, stretching from semiconductors through to network operators and system integrators. How will this be coordinated managed and applied?

Professor Howes says, "[We] need common security objectives… and interoperability…The [IoT] attack surface may be substantially larger than traditional PCs… ensuring multiple vendors' systems work together will lead to a greater probability of exploits... We have all become familiar with computer malware but the impact of equivalent IoT attacks could be to turn off a heating system in the middle of winter or take control of other critical systems, which could be potentially life threatening." While the heating system is inconvenient, the shutdown of a nuclear reactor is a more likely terrorist target.

This is complex stuff and we need some help at the silicon level. Haydn Povey, Technical Associate at ARM Holdings comments, "While technologies such as advanced cryptography are… in current IoT devices, governments are concerned about the acceleration of IoT and agree that there is significantly more work needed…There is an urgent need to deliver cost effective solutions that enable robust security but retain the flexibility… This requires well-architected and interoperable frameworks across vendors and technologies…"

The Internet of Stuff is with us - is your network ready?