IN THE NEWS: BBC Click. The IoT at Dover Castle

We had a lot of fun filming for BBC Click recently.

Despite the light hearted tone and the sticky end that I came to, the points raised were serious:

Are we inadvertently exposing ourselves to a Terminator style rise of the machines?

Has any manufacturer set out to bring down humankind? I doubt it. However, the appalling security that we find daily in IoT devices means that it lends itself to becoming an attack weapon that could be exploited by various threat actors.

• An autonomous or self driving car that can taken over and used as a weapon?
• A fleet of such cars that can all be taken over concurrently?
• A smart thermostat that could bring down the electricity grid?
• A botnet of kettles, creating TV Pickup problems?
• Hijacked CCTV Digital Video Recorders bringing down core internet services?

Some of the above have already happened.

We need legislation, regulation and some litigation to convince IoT device manufacturers to do security properly.

Fortunately, some vendors are making good progress with security.

However, the problem will continue with the ‘me too’ cheaper knock off products, exploiting the markets created by reputable vendors, but not taking security as seriously as them.