Fixing the IoT problem

Being worried that my new fridge would unilaterally put me on a diet and, having read about criminals compromising cars’ keyless entry systems, plus having seen the video of that jeep being run off the road after its engine management system had been remotely compromised, I asked my vehicle’s manufacturer whether my car was firewalled?

The answer was no, but I need not worry because everything was encrypted. Ditto with the fridge, washing machine, central heating and my burglar alarm system. Well, if encryption were the answer, then we would not have suffered fridges being compromised to send spam, or cars being driven off the road. Before fixing a problem, you need to understand it!
Anything to do with IT security tends to be based around the CIA triage of confidentiality, integrity and availability. The internet of things (IoT) is no different. My house is effectively firewalled through my router and any internal devices connected to my private home network are behind this firewall.
Because it is a software firewall, it is not the best protection in the world and any weaknesses will be known to the hackers, but much like a burglar alarm, it may send them elsewhere where the pickings are easier. Likewise, my attached computing devices have their own firewalls, so access to them now requires the hacker to circumnavigate two firewalls. Nothing like a bit of protection in depth.
But what about my other devices, such the central heating, fridge, coffee machine and burglar alarm? Here the protection is less secure in that they are totally reliant on the firewall in my router, plus the standard one factor authentication at log-in. So, confidentiality is undoubtedly a problem, but what about integrity and availability? The compromised fridge sending spam emails illustrates the integrity problem.

Altered state
If code can be so easily amended, or overwritten, then almost any connected device can be altered to do whatever the hacker wants it to do. It is, after all, based on a general-purpose chip. The final part of the triage, availability, is a key factor for my central heating and burglar alarm. I can probably manage with the fridge, or coffee machine being disconnected from the internet, but not these.

Management techniques
Now that we know what the problems are, let us examine what the solutions may be. Basically, we need to apply risk management techniques, but with a skew towards the consequence part of the equation, rather than the likelihood.

Keeping it confidential
Having dealt with availability and integrity I now come to the problem of confidentiality, which is all about identification, authentication and privilege allocation. Most devices will be using a chip containing an operating system and an application. Control of the OS will provide control over the application, so protection here is paramount.