Businesses are reinventing themselves by transforming traditional services and service
delivery into digital services. Digital services utilize smart products to
provide enhanced service quality, additional features and to collect data that
can be used to improve performance. Smart products can be remotely controlled using
Wi-Fi or cellular connections, software, sensors that makes smart dumb devices,
cloud infrastructure and mobiles.
Examples
of digital products and services are network connected cars, home appliances,
surveillance systems, wearables, medical devices, rifles and so on. Very
recently ethical hackers exploited a software glitch that allowed them to take
control of a Jeep Cherokee while on the road and drive it into a ditch. All
this with the hapless driver at the wheel!
While
the car hack made headlines and led to the recall of 1.4 m vehicles, it also signaled
the beginning of an era where cyber-attacks or software glitches cause physically
harm to cyber citizens, blurring the lines between safety and security.
Cyber-attacks in the near future will do a lot more damage than destroy reputations,
steal money or spy on intimate moments people would prefer to keep private, it
may maim or kill in a targeted or random fashion and that too in the privacy of
one’s own home.
The
severity of some of the demonstrated exploits by ethical hackers were downplayed
because the attacker required physical access to the vehicle to execute the
attack. I for one, do not know what happens to my vehicle while it is serviced
or valet parked, both ideal opportunities to fiddle with the electronic systems
and even modify the firmware.
All
smart devices will be connected and updatable over wireless networks. Wireless
updates are ideal opportunities for hackers to obtain access or control over
these devices. However, digital products or services must have built in
defenses not only for over the air hacks but equally on risks from technicians,
mechanics or others that have physical access to the smart infrastructure.
Startups
with limited budgets may struggle to provide adequate security to their new
incubations, allowing ample opportunity for maliciously minded individuals and
cyber criminals to find ways to compromise the service. Investment in smart
product security will be driven by liabilities around safety regulations,
compliance and strict penal provisions.
No comments:
Post a Comment