Alarm Bells Ring for Unsecured Connected Devices

Display portlet menu

Alarm bells ring for unsecured connected devices


A hot topic at the annual Black Hat cybersecurity conference in Las Vegas this summer was the increasing risk companies are facing with the Internet of Things (IoT). The key takeaway was summed up by Black Hat founder Jeff Moss, who told Agence France-Presse (AFP) that "almost none of the Internet of Things device-makers have any real security teams. It is sort of a gold rush to market."

The example on everyone's lips was a software glitch that allowed hackers to gain control of a moving Jeep Cherokee.  The dramatic incident was symbolic of the larger fear that defenseless, "smart" devices could cause a chain reaction of attacks in whole cities or neighborhoods, shutting down power grids, water treatment plants and other infrastructure targets. Not to mention the fact that data stolen from connected devices can be used to learn about people’s lifestyles, and that embedded cameras could be activated to invade privacy.

A key part of the problem is that most smart appliances don’t get get software updates, even though the products are typically designed to last up to ten years or more. This gives hackers plenty of time to identify and exploit potential vulnerabilities. "A million of anything is trouble," Moss told AFP. "A hundred million is a disaster."

While Fiat Chrysler Automobiles recalled nearly 1.5 million U.S. cars and trucks after the Jeep hack and provided a software patch to fix the problem, consumers are right to be nervous about future threats.

Just days after the Jeep story, Hewlett-Packard announced a study that revealed significant vulnerabilities in 10 tested smartwatches.

Until companies get serious about security, the explosion of connected devices provides a smorgasbord of easy targets for hackers. According to a report by AFP, "smartwatches could pose special risks because they may store sensitive information such as health data, and could connect to cars and homes to unlock them."

Avnet understands the importance of security.

At Avnet, we believe that security is one of the six key attributes of effective Intelligent Systems, along with identity, connectivity, manageability, user experience and analytics. Because it's so critical to the future success of our industry, we take great steps to minimize vulnerabilities while maximizing data intelligence.  Intel Security's McAfee Embedded Control Software product is the most compelling for an OEM who builds or manages a fixed-function device and wants to prevent unauthorized changes or malware attacks. It is a simple, light-weight software technology to make devices immune to attacks or accidental updates. This Dynamic White-listing technology is ideal for the "Things" in the IoT by only allowing the device to perform its intended function.  This is NOT an anti-virus so there are no performance or resource burdens. Ideal for devices for retail, medical, industrial control, office equipment, gaming, automotive even Military & Aerospace. This is security that is Built-in – not Bolted on!

Written By: Kristin Owens

Director, Strategic Marketing, Avnet Embedded


Alarm Bells Ring for Unsecured Connected Devices

Display portlet menu

Related Articles

In their words: Benefits of the world’s biggest engineering community

In the summer of 2018, Avnet celebrated a major milestone: 1 million community members across Hackst...

Hardware Studio Helped Spatial Gaming Get Funding

If gaming 1.0 is analog board games and gaming 2.0 is video games, then Spatial Gaming is solidly 3....

From hacker spaces to Alex Glow owes her career in hardware to communities

Exposure to engineering as a kid helped Alex Glow fall in love with hardware. But it was communities...