The “telescreen”, a fictional device invented by George Orwell in his 1984 novel, and used to broadcast propaganda messages from the Party but also to allow the “Thought Police” to control the actions of any individual, is no longer so far from reality. The explosion in the number of connected objects in our daily lives may be similar to a form of domestic surveillance described in 1984. Despite the Snowden case, which revealed the existence of industrialized and globalized espionage, no one has fundamentally changed their behavior with regard to the use of digital tools. In addition to the advent of a new form of digital espionage, connected objects greatly increase the attack surface against management and industrial networks.
Smart devices have become a real time bomb for companies and individuals. We are living in a “Rock’n Roll” era in the field of cybercrime, punctuated by attacks of unparalleled scale and unprecedented modus operandi, as demonstrated by our latest research conducted within our CERT, for example, at the DEF CON 2018, Damien Cauquil, security expert at digital.security presented how the jamming of a specific part of the Bluetooth Low Energy protocol made it possible to link to a device already associated with a smartphone. An attacker can thus prevent access to an object or interact directly with it. Despite the fact that security experts have been sounding the alarm for several years now, security updates are slow to be implemented.
In a context where digital transformation integrates increasingly critical services in areas such as health or industrial systems, the security issue is at the top of the list of priorities for companies and government agencies. In order to raise awareness among both consumers and manufacturers about the risks induced by the rise of the Internet of Things, digital.security is publishing a new version of its White Paper, first published in September 2016. A first edition that had met with great success at the various IT exhibitions. More than 1000 copies have been distributed!
Providing a precise insight into the Internet of Things ecosystem and the threats faced by individuals, manufacturers and businesses, this White Paper provides a state-of-the-art overview of IoT’s security. Based on the daily monitoring of our analysts and feedback from auditors, this new version of the White Paper provides a visualization of the future security challenges of the Internet of Things. After presenting the Internet of Things ecosystem, a prospective section imagines future cyber-attacks against connected objects in multiple fields of activity, demonstrating that the lack of security of a connected plush toy is no less dangerous than that of an autonomous car in terms of impact on privacy.
In addition to an analysis of future threats to the Internet of Things, listed by theme (automotive, health, armament, industrial systems), the digital.security White Paper also offers unpublished content, such as a report on Damien Cauquil’s performance at the DEF CON 2018, an article on the security issues of the GDPR in the IoT written by our legal partner Mathias, or the demonstration of hacking into a padlock connected by Paul Daher.
We hope that this new White Paper will raise awareness among businesses and consumers of connected objects of the importance of proven and resilient security. The 2018 White Paper will be available in preview at the Assises de la sécurité in Monaco next October and online on our website.