A recent false report in newspapers about breach of data at Indian Registry for Internet Names and Numbers (IRINN) caused a huge turmoil both at national and international levels. A lot of government organisations came under the scanner. The incident questioned validity of the entire digitisation movement.
With all the government data being processed smartly by cloud technology, the possibility of exposure at every point and theft has increased. Various government agencies including Unique Identification Authority of India (UIDAI) have issued statements reiterating the safety of their databases.
Such incidents are on a rise. Globally, securing the ways in which machine communication takes place is top priority. Data breach and hacking is becoming an increasing concern as everything that we do now-personal or professional-is all about data and system communication.
Allaying such fears, Arvind Gupta, head of #DigitalBJP and co-founder of Botworx.ai, said, “Today, Apple is the most valuable company in the world by virtue of the consumer data that it claims to own and its intellectual property. The Indian government’s IT and cloud infrastructure is one of the finest in the world and robust enough to secure citizens’ data end-to-end in a way that is leak-proof and uses the best consent architecture.”
Peter Gartenberg, general manager, Enterprise Commercial, Microsoft India, shared, “The Internet of Things (IoT) is the wave of the future, offering enterprises immediate and real-world opportunities to reduce their costs, increase revenue and transform business. However, concerns about security, privacy, compliance and transparency remain with regards to IoT infrastructure and merging of the cyber and physical worlds. Several measures are already being taken to bridge gaps and prevent security breaches at the device level. Efforts are being made to tackle obstacles before they come up.”
Gartner states that the IoT has made digital presence pervasive in institutions and further among mankind as a whole. New participants of the framework are data scientists, integrators and vulnerable endpoints. Technology decision makers must make choices for future advancement considering risk to privacy and security.
To understand the criticality of security in the IoT, one must consider the various components within the IoT architecture as working together with each other and not in silos.
William E. Lamie, president, Express Logic, Inc., said, “With edge nodes and connected devices rapidly populating the IoT landscape, the need to put an end to security breaches of sensitive and confidential information has never been more critical.”
Threats we face
Narang Kishor, principal design architect, Narnix Technolabs, explained, “The IoT paradigm is all about connecting everything that exists with everything else. The IoT is a neural network of globally aware, intelligent and heterogeneous devices connected with each other in multiple ways to solve some problems of the society.”
“The problem stems when we go overboard with it, like we have, and there is no control mechanism. Earlier, technologies like supervisory control and data acquisition (SCADA) and remote sensing worked in a controlled environment. Now, the applications have opened up to almost every product or service. Applications like smart home and smart healthcare are on-board the IoT. Larger concepts like Smart Cities further add to the complexity. With public Wi-Fi, anybody can connect with anything in the locality because the infrastructure is automated and intelligent.
“Excessive penetration of such technologies also brings about many potential risks. For example, every functioning device is electricity dependent. The moment there is a power failure, life comes to a standstill. On the Smart City network, if the security isn’t strong enough, a hacker can access your critical centres and bring the entire nation to a standstill. Today, we don’t need a nuclear bomb to destroy a nation, we just need a few good hackers to bring down its power and communication and the nation would be on its knees. A few months ago, Russian hackers used Chinese webcams to attack American servers.”
Divyang Hemnani, engineer-embedded systems, Infinium Solutionz, added, “Hackers steal data by infecting the software of IoT devices. They use this infection to modify firmware in the devices. Consequently, all the data can be linked with the hacker’s server. Due to the depth of software hacks, people are generally unable to recognise the security vulnerability of their devices.”
Sharing his views on the vulnerabilities of IoT systems, Parag Sharma, CEO, Mantra Labs, said, “Security keys are at times used to authenticate the code being executed on an embedded device, or to authenticate the connection from an IoT device to the server. In the event of a security key being compromised, a hacker may be able to intrude into the device and run an unintended malicious code. This is entirely unwanted, and exposes users to serious consequences. Unintended behaviour of a device, and mounting hack attempts from these devices are the threats being faced. While it may not be disastrous for some IoT devices for entertainment to malfunction, a critical life-saving device or a device of strategic importance going haywire can have disproportionate losses associated.”