Internet security company Symantec has announced measures to secure more than a billion always-connected Internet of Things products that are at risk of being compromised by hackers
Internet of Things (IoT) devices are all connected products that talk to each other and to the internet to provide an outcome – like turning a light on or off remotely – or to read and interpret data to trigger an event – like turning on the air conditioning when it reaches a designated temperature.
But this constant connectivity of products within our homes and businesses are the next frontier for cyber criminals and hackers.
With the number of IoT devices expected to exceed 25 million by 2020, Symantec – the company behind Norton internet security – has developed new security technology to safeguard these products.
“As IoT innovation and adoption continues to grow, so has the opportunity for new cyber security risks,” said Shankar Somasundaram, Senior Director of Internet of Things Security, Symantec.
“In the automotive industry, hackers can literally steer the car and ‘hit the brakes’ from their keyboards.
“Symantec is partnering with manufacturers in the automotive, industrial control, and semiconductor industries, in addition to our work in healthcare and retail markets.”
These developments form part of the company’s Unified Security Strategy to provide the industry’s most comprehensive IoT security solutions.
It will involve authentication, device security, analytics and management to prevent these IoT devices like cars, control systems and medical devices from being compromised, tracked and electronically hijacked.
Symantec’s plans include:
* Device security: Symantec’s critical system protection locks down the embedded software of the IoT devices to prevent them from being compromised. To achieve this Symantec has signed Wincor, a leading provider of software and solutions for banks and the retail industry, plus other leading manufacturers in the automotive and industrial ecosystems.
* IoT certificates: Symantec is working with chip providers and cryptographic library partners like Texas Instruments and wolfssl, to embed security at the hardware level. This will allow devices to be safely encrypted and authenticated.
* Code-signing certificates: IoT devices will only be able to run code that can be authorized with code-signing certificates and cloud-based sign-ins for relevant IoT code formats.
The goal for Symantec is to provide a standardised security protocol to manage all IoT products from a single interface as well as analytics to detect anomalies that might arise as a result of a stealth attack.