Modern field guide to security and privacy

Podcast: How to secure the Internet of Things

On this bonus episode of The Cybersecurity Podcast, Passcode's Jack Detsch recaps the "Security of Things Forum" in Boston last month. 

Melanie Stetson Freeman/The Christian Science Monitor
Travis Goodspeed speaks at the Passcode's 'The Security of Things' Forum, on September 22, 2016 in Cambridge, Mass.

For anyone who had trouble getting onto Twitter, Netflix, or Spotify last week, you can thank the vast number of insecure devices that connect to the internet. 

On Oct. 21, unknown cyberattackers took control of vulnerable electronics such as digital video recorders and web-enabled cameras and used them to direct malicious internet traffic at Dyn, a company that provides a critical piece of the internet’s infrastructure. The culprits pulled this off by using a program known as Mirai, which can hijack connected devices.

For cybersecurity experts who have been warning about vulnerabilities in the so-called Internet of Things, the Dyn attack is just the beginning of problems associated with insecurities inside connected gadgets.

Last month in Boston, Passcode and The Security Ledger hosted the Security of Things forum to explore the challenges of securing nearly 30 billion connected devices – from home electronics to cars – set to come online by 2020.

But despite a spate of potential software flaws in connected devices, those gadgets can make life easier for people with medical conditions.

"Anybody who's spoken with someone who suffers from diabetes and spoken to them about the way that a connected insulin pump has improved their life would not want to throw cold water on any of this," said Robert Silvers, assistant secretary of Homeland Security. 

Yet many of those devices are running on old code, with flaws that date back decades, according to Kevin Fu, chief executive officer of the healthcare cybersecurity startup Virta Labs. 

"Some of the problems in medical devices have been baked in ten years ago," he said. "We’re living with that technical debt, we’re living with that legacy, and we’re going to have some hokey solutions in the meantime."

One of those solutions, according to independent hacker Travis Goodspeed, is to break old school hackable devices, like Texas Instruments calculators or Tamogachis.

"The tricks themselves don’t die," he said. "Junk hacking, the hacking of things that officially don’t matter, allows us to talk about the mechanism that allowed it to happen while stepping back from the moral aspect."

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.