Smart homes and critical infrastructures will be among the choice hacker targets in the near future. But the Internet of Things is no security concept. That’s why an ICIT paper is now recommending government regulation of IoT solutions.
The experts of the Institute for Critical Infrastructure Technology (ICIT) have taken the recent attacks on IoT systems and infrastructures as an opportunity to reconsider its position with respect to government regulation. In their report " Rise of The Machines ," James Scott and Drew Spaniel recommend "responsible" control by the authorities, which would ideally already start at an early stage in the development of IoT systems. The researchers criticize the lack of security by design in previous solutions; many vulnerabilities to cyber attacks could be attributed to the basic design of IoT devices.
The change of attitude is clearly also due to the serious DDoS attack on the internet performance management service provider Dyn in October 2016: The researchers chose "The Dyn Attack Was Just a Practice Run" as the cautionary subtitle to their report. ICIT researchers nevertheless dismissed one requirement that has frequently been heard in this context: In their view, cryptographic back doors that provide access to investigating authorities only serve to increase the security risks even more. Backdoors for the "good guys" can equally be used as gateways by the "bad guys."