Cisco is looking to bolster interest in Internet of Things security technologies with a contest announced at the RSA conference
Cisco officials are looking to encourage the information security community to turn its attention to the Internet of Things (IoT) with a competition that will offer up to $300,000 (£190,000) in prize money to people who come up with the best IoT-related security solutions and approaches. The competition was announced during the RSA security conference late last month.
In a post on the company blog, Chris Young, senior vice president of Cisco’s Security Group, emphasised the importance of keeping the IoT safe.
“In the health care sector, it’s easy to imagine how Internet-connected devices and systems are revolutionising patient care,” Young wrote in his 27 February blog post. “In the transportation sector, technologists are already connecting vehicles and their subsystems to the Internet. It is also, unfortunately, too easy to imagine how these world-changing developments could go terribly wrong when attacked or corrupted by bad actors.”
Cisco’s Internet of Things Security Grand Challenge is designed to spur innovation around security solutions to guard against such bad actors, he wrote. A team of security experts will evaluate proposals sent in based on a range of criteria, such as feasibility, performance, ease of use, the ability to address multiple IoT segments – from manufacturing to transportation to smart grids – and the technical viability of the solution.
The panel of experts will select up to six winners, with each getting between $50,000 and $75,000. Interested parties have until 17 June to submit their proposal, and the winners will be announced in the fall at the Internet of Things Forum 2014.
IDC analysts expect the IoT market to hit $3.7 trillion by 2017, and Gartner analysts said the number of connected IoT devices – not including PCs, tablets and smartphones – will grow from 900 million in 2009 to 26 billion by 2020.
Security of such smart devices was a subject discussed during the RSA Conference late last month. During a panel discussion, security experts said that these devices were beginning to draw the attention of cyber-criminals, and that the devices were vulnerable because many of the consumer electronics vendors making them don’t have strong security development programmes in place.
“I think there will be a lot more research and disclosures coming out that target these devices in the future,” Trail of Bits chief executive Dan Guido said during the show. “Unfortunately, it is exactly those types of disclosures that will get abused, so definitely pay attention to the kinds of issues that become public.”
The lack of security also is garnering greater scrutiny from the Federal Trade Commission (FTC). The agency in September 2013 settled a case with TrendNet over software flaws in its SecurView cameras, which consumers can use to keep tabs on their homes while they are somewhere else. According to the FTC, the SecurView devices included a software flaw that enables people to take video from cameras via the Internet.
Consumers have to become more aware of the security threats to their connected devices, which can include everything from a refrigerator to a thermostat to a light bulb, according to Dick O’Brien, senior information developer at security software vendor Symantec. In a post on the company’s blog, O’Brien outlined some of the growing threats, such as the Linux.Darlloz and Linux.Aidra worms, noting that the promise of the Internet of things also means security threats.
“Exciting new developments are in the offing,” he wrote. “A connected home could allow you to log on to your home network before you leave work in the evening to turn on your central heating and your oven. … Unfortunately, every new technological development usually comes with a new set of security threats. Most consumers are now very aware that their computer could be targeted with malware. There is also growing awareness that the new generation of smartphones are also vulnerable to attack. However, few people are aware of the threat to other devices.”
Do you know all about the Internet of Things? Take our quiz.
Originally published on eWeek.