CybersecurityProtecting the Internet from weaknesses of many “connected” devices

Published 2 December 2016

As an increasing number of devices — from cars to light bulbs to kitchen appliances — connect with computer networks, experts are raising concerns about privacy and security. Just this fall, attackers used compromised home devices, including security cameras and DVRs, to bombard an Internet infrastructure company with traffic, slowing Internet access for much of the U.S. East Coast. to address these concerns, an organization of academics and industry leaders released a report that provides guidance on how to build security and privacy protections into the emerging Internet of things (IoT).

As an increasing number of devices — from cars to light bulbs to kitchen appliances — connect with computer networks, experts are raising concerns about privacy and security. Just this fall, attackers used compromised home devices, including security cameras and DVRs, to bombard an Internet infrastructure company with traffic, slowing Internet access for much of the U.S. East Coast.

Princeton University says that to address these concerns, an organization of academics and industry leaders released a report that provides guidance on how to build security and privacy protections into the emerging Internet of things (IoT). The report emphasizes several recommendations for Internet-connected devices, ranging from improved procedures for updating software on those devices to ensuring that those devices can continue to function if Internet access is disrupted.

Instead of targeting the device manufacturers, the report’s editors hope their suggestions will resonate with policymakers who are contemplating the appropriate role of government in regulating the Internet of things.

The report is aimed at influencing policy bodies — legislative committees, commissions, the Federal Trade Commission, the White House,” said Nick Feamster, a computer science professor at Princeton University and the acting director of Princeton’s Center for Information Technology Policy, who is one of the report’s lead editors. “We hope, of course, that the IoT industry reads it too.”

The report was issued by the Broadband Internet Technical Advisory Group (BITAG), a nonprofit organization that encompasses industry and academic members. It is not the first group to take up the issue of Internet of things security and privacy. The Federal Trade Commission, for instance, released a report last year focused on consumer security and privacy risks associated with the Internet of things.

But the new report offers a unique viewpoint on some of the threats and challenges posed by the Internet of things because its focus is on broadband network management, rather than device security. Also, many of the group’s member organizations are Internet service providers; the report’s second co-editor is Comcast Vice President Jason Livingood. Accordingly, the new report considers the risks of the Internet of things from the perspective of network management, and the authors discuss how networking technologies can be leveraged to protect users.