Internet of Things (IoT) security must focus on the physical risks posed to people, according to a panel of industry and academic experts at Infosecurity Europe in London.
The panel noted that connected devices in cars, for example, could pose a real danger to humans if they are hacked.
“I think the main points of security in the IoT context is in terms of protecting us from the physical harm that results from cyber threats to our [connected] systems,” said professor Chris Hankin, director at the Institute for Security Science and Technology at University College London.
James Lyne, global head of security research at Sophos, believes that the need for IoT security is not overhyped.
“A lot of these devices are toys or bizarre crap that I don’t know why anybody would want. And people are saying: ‘Why are you bothering to hack that? It’s junk,'” he said.
“There been this huge discussion in the industry about junk hacking and stunt hacking, and the reason is that these devices are changing, being added to, evolving at an insane pace.
“It only takes one of those devices two months, six months, 12 months from now to find a major place in our homes or our work where all of a sudden the crap becomes something we care about.
“So we have a whole industry that is being ignored by the virtue of unimportance, but all of a sudden may find itself extremely [open] to attacks. Wouldn’t you rather learn lessons about how to secure an industry while it’s still a toy rather than fighting a rear-guard action?”
Ian Smith, IoT security lead at the GSMA, also spoke of the need to address IoT security with physical dangers in mind.
“If you get security right you could launch products or services and be the next success story. But get security wrong and you’re potentially gone a few days later,” he said.
However, there are several challenges to be addressed, principally the need to secure devices that will be in place for a long time, such as sensor networks, and to include robust security in very small devices.
Hankin suggested that security should be applied at a systems level so that services delivered to people are protected even if individual components are not.
The topic of discussion is particularly pertinent given concerns that IoT firms are sleepwalking into cyber security dangers.
Equally, as concerns over IoT security gather pace spending on addressing them is set to increase, indicating that the industry could be taking the threat more seriously.
Latest Tesla news: Tesla stock price tanks amid reports of 'widening probe' by SEC and claims the base Model 3 loses money
SEC 'probe' takes its toll on Tesla as new research suggests that Tesla loses $6,000 on every $35,000 Model 3
10nm Cannon Lake Core i3-8121U CPUs make a rare outing with Intel's NUC mini PC
'Notorious' Australian child hacker thought he had executed 'flawless' hack
The former employee says that Tesla fired him for bringing the accusations to management internally