WaterGateway: The leakiness of the IoT is a scandal waiting to happen

Nick Booth

The Internet of Things (IoT) has security shortcomings that would shock the world if they were exposed – and if the mainstream media understood them. That’s the startling conclusion that freelance technology writer, Nick Booth has come to.

Unsecured devices offer unlimited entry into every critical network that runs the world. Whether they run agriculture, infrastructure or casino banking, those global village IoTs are leaking information like a sieve. You don’t need to hack a Las Vegas Casino’s accounts via the connected fishtank. Most criminals know that if they put a wire on an IoT gateway, it’ll soon sing like a canary.

We’re only two or three global disasters away from the mainstream media taking note.

In keeping with tradition the press would dub the cover-up controversy the ‘WaterGateway Scandal’. We don’t have much time to secure the IoT. Someone needs to do something.

Heavy investment

So, well done Cisco and BT, who are investing heavily in partnerships between scholars and start-ups that aim to solve the IoT’s security problems.

Three projects in particular have been recognised by Innovate UK, the British government body that channels ideas and investment to the right areas of the tech sector as part of its industrial strategy.

Three projects identify different types of IoT gateway as areas that need improvement.

When there are so many weak links in the chain, why address the gateway? It’s our best hope, explains a spokesperson for the CyberStone project. This is a collaboration between Cisco, BT, trade body The Internet of Things Security Foundation, the University of Oxford, the Techworkshub and artificial intelligence start up NquiringMinds. When you bring together such different cultures, you have to start off thinking about practical ways to concentrate minds.

The horse has bolted

“For technical and pragmatic purposes, securing the IoT endpoint is impossible, because that horse has already bolted,” explains the speaker. The gateway is an essential component of most IoT installations and provides a unique management node through which you can monitor, analyse and mitigate risk across every device and network.

At the same time, any deep IoT security endpoint invention will need something similar at the IoT gateway before it can work to full effect. So it makes sense to start with the gateway. Perhaps later the innovations will fan out across the network to endpoints and all the extremities.

Cyberstone aims to run processing at ‘the edge’ where it will analyse IoT device behaviours. The conclusions of this analysis will automatically be used to calculate risks associated with the apparent behaviour of all devices.

Security response service

By applying a mix of statistics, pre-calculated strategies and ‘full blown AI’ it aims to create an automated security response services running in the cloud. This runs in tandem with local analytics and, ultimately, it helps to obviate risk and to spread the responsibilities out to all players involved in the IoT. Cisco alone has spent £500,000 (€554,000) on this project.

Meanwhile, over at the University of Warwick, they are striving to create a blockchain/machine-brain hybrid that can adapt and survive the problems created by DDDs (dumbly defaulted devices). As with anything that uses machine learning and creates a sort of organic response from inanimate objects, it’s hard to summarise this simply without sacrificing some of its potency and relevance.

My interpretation of the project is this: They are striving to invent the world’s first intelligent gateway router. It will be so discerning that it will somehow know the ID of good devices and spot those that have been tampered with.

BT and Cisco have invested extensively in this, possibly because there is an immediate commercial use for this blockchain system. Water companies could use it to identify and cancel out waste, and in the UK there is an immediate need to lower the consumption of water per subscriber. Londoners, for example, need to drop their consumption from 150 litres of water per person per day to 118. That’s not going to happen unless Thames Water can make some intelligent interventions.

Finally, there’s the UltraSoc, which is an attempt to stop hackers causing havoc with connected and autonomous vehicles (CAVs). The self-driving car is so insecure it’s like a neurotic robot on wheels. Ever since some security researcher at Twitter hacked into a Jeep and published the results, people have become very nervous about CAVs.

The Twitter show-off boasted how he’d remotely twiddled a Jeep’s radio volume knob, pulled the steering and stamped on the brakes. As news about this spread, this encouraged the hacking herd and now they’re all at it, meaning that every OEM (original equipment manufacturer) has been cyber attacked.

The resulting confidence crisis could lose car makers a collective £26 billion (€28.8 billion) annually, says Upstream Security.

Calm could be restored with Systems-on-chip (SoCs) which integrate all the computing components that power today’s CAVs operating within a digitally-connected societal framework via the IoT. If the inventors (Ultrasoc, Copper Horse and the Universities of Southampton and Coventry) can pull this off, there will be high stakes to play for.

Let’s hope any gateway break-ins can be averted. Those intruders need nixin’.

The author is freelance technology writer, Nick Booth.

 Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Army’s new next generation squad weapon programme to launch ARC’s weapons intelligence platform

Posted on: August 12, 2022

Washington – Armaments Research Company, Inc, a technology and data company serving national security and public safety customers, announced their Internet-of-Things (IoT) full-stack technology will be introduced in the Next Generation Squad Weapon (NGSW) programme of record, in partnership with Sig Sauer. For the first time in 65 years, the U.S. Army’s initiative will replace

Read more

Connected logistics market to hit $47.6bn valuation by 2029 backed by MaaS for fleet management

Posted on: August 12, 2022

The global connected logistics market stands at a valuation of US$22.2 billion (€21.61 billion) in 2022 and is projected to reach $47.6 billion (€46.34 billion) by the end of 2029. Demand for connected logistics is estimated to increase at a compound annual growth rate (CAGR) of 11.5% over the forecast period (2022-2029).

Read more
FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more

What is IoT?

Posted on: July 7, 2019

What is IoT Data as a new oil IoT connectivity What is IoT video So what’s IoT? The phrase ‘Internet of Things’ (IoT) is officially everywhere. It constantly shows up in my Google news feed, the weekend tech supplements are waxing lyrical about it and the volume of marketing emails I receive advertising ‘smart, connected

Read more
IoT Newsletter

Join the IoT Now online community for FREE, to receive: Exclusive offers for entry to all the IoT events that matter, round the world

Free access to a huge selection of the latest IoT analyst reports and industry whitepapers

The latest IoT news, as it breaks, to your inbox