With each passing day, the world wakes up to new devices, newer technologies and previously inconceivable digital discoveries. Automation and gadgets are our new best friends. Internet of Things (IoT), which sounds more like a book with an abstract title, is the pathbreaking new technology that is changing the way we live.
With the IoT, “things” are getting linked to the internet using automated machine-to-machine (M2M) data transfer. But before we begin to consider it the best thing since sliced bread, it would be wise to note that unless attention is given to data security, these “things” could become dangerous, if not fatal, for human use.
As an example, imagine a security breach on the vehicular domain.
With intelligent cities are coming up with IoT-based solutions for fleet management, smart parking and driverless cars, vehicular data capture emerges as singularly important. But as we have learnt from experience, where there’s data, there will be data theft and hacking.
Time and again we have seen hackers crashing entire websites after getting hold of its database. It is therefore frightening to envisage a situation where the hacker gets hold of a vehicle’s control system and drives it to its destruction. The thought of death at the hands of cutting edge technology is not something that we could possibly look forward to.
Prevention Is Better Than Cure
That IoT is a force for major change is indisputable. So, what could be done to ensure its data is secure from unscrupulous hackers?
- Role of the implementer, developer, securer and consumer: The business owner (the implementer) needs to incorporate the IoT device into his Security Policies Document and work with the vendor to upgrade security features regularly.
The developer must use secure operating systems and install firewalls to keep hackers at bay. The Securer should work on monitoring threats as well as detecting and repulsing attacks. The consumer needs to make sure that the vehicle they purchase is equipped with built-in security and ensure they secure the system further by changing the default password with a new one.
- Sharing of cyber threat intelligence: The World Economic Forum in 2016 discussed IoT and suggested that businesses and manufacturers should share cyber threat intelligence and create a common pool for security upgradation.
- Use of Artificial Intelligence (AI): Some experts have also suggested the use of AI-based cyber security be integrated into IoT. It could help in quick and accurate identification of cyber-attacks.
- Use of Application programming Interface (API): Manufacturers must provide clear APIs which could be used to create identity controls and ensure that only a vehicle’s owners can access it remotely.
- Use data mining: As vehicular data clouds contain a variety of assorted data and information resources, effective predictive analysis or data mining must be developed to quickly detect dangerous road situations, send early warning messages to assist drivers. It can also be used to assess drivers’ behaviour or performance of vehicles to find problems in advance.
Data protection regime under the Data Protection Act 1998 and General Data Protection Regulation, which will become enforceable from 25 May, 2018, presents many challenges to the IoT in vehicles industry covering content, sharing of personal data, right to object as also tracking and marketing. But with security features in place, the use of IoT in vehicular domain could look promising.