As technology development moves on at an increasing pace the security industry is constantly taking advantage of the progress. The migration from an analogue to a digital technology was a real game changer. Suddenly technology integration has become much easier and cost effective. User friendliness and flexibility seem to no long have any limits.
Here, and, in the newly published edition of Detektor magazine 02/17, Lennart Alexandrie, gives his views on the cyber threat and how it might affect the security industry.
The development towards integration between different technology systems will of course continue. Security technology is of course attractive, and increasingly in higher demand in building automation projects as we enter the new world of smart buildings and smart cities. Internet of Things is not just a buzzword, it is a real revolution in the history of mankind.
The opportunities to successfully create customer designed solutions have become better than ever before – through technology based services targeted towards companies, public organisations and private homes. We live in an era where the Internet of Things is becoming the key to the modern efficient and environmentally durable society. Or at least it looks that way.
But IoT is also an opener for serious threats to the privacy and security of individuals. It is for sure also a threat for corporate and government organisations as well as to entire nations. Our connected devices are potential distributors of both value added services and vicious network attacks. Do we have a track of all the purposes our online devices serve? The question is rhetoric. There are jobs that have to be done in order to make IoT safer. Connected devices can be and are hacked and used for initiating and conducting intrusions and attacks on servers. There are several examples where security technology devices have been hijacked and then used to become the distributor of harmful malware. Mostly this has involved IP cameras or DVRs.
A general view in the western world is that we should watch out for Chinese security products for this reason, but it´s not that simple. Big Japanese, US and European manufacturers’ brands are also listed among the products that have been hacked and used to infect networks to cause a costly mess. All online products represent risks. The risks could easily be considerably reduced if the users of the IoT devices were to avoid using manufacturer’s preset user names and passwords. It is through continuous scanning of the manufacturers data that hackers often succeed in hijacking devices and then using them to distribute malicious code, such as Mirai, and subsequently force down the servers or deliberately cause other damage.
The security industry has to take more responsibility, not only the manufacturers, but also distributors, integrators and installers. Make demands on suppliers, inform/educate the customers and do not always let price be the guide to finding the product of choice. Learn about cyber security and demand that your suppliers also are aware and educated. Increasing the security within the products will create costs for the manufacturers. I believe the market is willing to pay for it. Choosing the cheapest alternatives may be a very expensive and unpleasant experience.
In the previous issue of Detektor (1/2017), we published a special editorial about video surveillance and cyber security. In this issue, we follow it up by publishing what was said about IoT and cyber security at the recent Sectech exhibition in Norway. It is a wider perspective of the subject which is very much about the threats and the challenges we have to meet.
At the recent ISC West Expo there were several exhibitors, not least among the video surveillance product providers, that highly profiled their approach to cyber security during the show. Cyber security has become a new strong buzzword and there are no doubts that the whole professional security technology industry is taking the cyber security threat seriously – not only western companies. This is a necessary first step before running too deep into IoT projects. There are several challenges to solve and the security technology industry has to take its share of responsibility. I believe it´s about to happen.