The Broadband Internet Technical Advisory Group (BITAG), joined by tech giants such as Google, AT&T, Cisco, T-Mobile, Intel and Microsoft, has published a report to advice on IoT security and privacy.
The report has listed some observations and security vulnerabilities from how IoT devices are being used now. And at the last, it gives some suggestions on how to strengthen security protection to prevent hijacks from malicious invades.
BITAG points out that outdated software, unencrypted communications, the lack of mutual authentication and authorization, and the lack of network isolation have brought IoT device exposing under security flaws. And, because deploying software updates which patch critical security vulnerabilities is not an easy task as well as consumers are unlikely to update IoT device software consistently, device security and privacy problems carry on.
What could possibly happen? The best example would be the massive DDoS attack occurred in the U.S. in October 2016. Hackers took advantages from IoT device vulnerability, hijacked servers of a DNS service provider, and caused major internet services out of service for many hours, including Netflix, Airbnb and Spotify.
BITAG, however, is a non-profit that has no power to put any regulations in the industry. But the report and its voice has showed the growing attention on IoT security and calling for government and official actions, while the number of IoT devices has seen a strong and inevitable growth.
Founded in 2010, BITAG has until now published nine reports and the topics across from differentiation of Internet traffic, Internet interconnection and real-time network management of Internet congestion.