No announcement yet.

Using Blockchain to Secure the "Internet of Things"

  • Filter
  • Time
  • Show
Clear All
new posts

  • Using Blockchain to Secure the "Internet of Things"

    The ability to better track and distribute security software updates would help fortify insecure IoT devices, which have already contributed to major cyber-disasters

    The following essay is reprinted with permission from The Conversation, an online publication covering the latest research.The Conversation

    The world is full of connected devices–and more are coming. In 2017, there were an estimated 8.4 billion internet-enabled thermostats, cameras, streetlights and other electronics. By 2020 that number could exceed 20 billion, and by 2030 there could be 500 billion or more. Because they’ll all be online all the time, each of those devices–whether a voice-recognition personal assistant or a pay-by-phone parking meter or a temperature sensor deep in an industrial robot–will be vulnerable to a cyberattack and could even be part of one.

    Today, many “smart” internet-connected devices are made by large companies with well-known brand names, like Google, Apple, Microsoft and Samsung, which have both the technological systems and the marketing incentive to fix any security problems quickly. But that’s not the case in the increasingly crowded world of smaller internet-enabled devices, like light bulbs, doorbells and even packages shipped by UPS. Those devices–and their digital “brains”–are typically made by unknown companies, many in developing countries, without the funds or ability–or the brand-recognition need–to incorporate strong security features.

    Insecure “internet of things” devices have already contributed to major cyber-disasters, such as the October 2016 cyberattack on internet routing company Dyn that took down more than 80 popular websites and stalled internet traffic across the U.S. The solution to this problem, in my view as a scholar of “internet of things” technology, blockchain systems and cybersecurity, could be a new way of tracking and distributing security software updates using blockchains.


    Today’s big technology companies work hard to keep users safe, but they have set themselves a daunting task: Thousands of complex software packages running on systems all over the world will invariably have errors that make them vulnerable to hackers. They also have teams of researchers and security analysts who try to identify and fix flaws before they cause problems.

    When those teams find out about vulnerabilities (whether from their own or others’ work, or from users’ reports of malicious activity), they are well positioned to program updates, and to send them out to users. These companies’ computers, phones and even many software programs connect periodically to their manufacturers’ sites to check for updates, and can download and even install them automatically.

    Beyond the staffing needed to track problems and create fixes, that effort requires enormous investment. It requires software to respond to the automated inquiries, storage space for new versions of software, and network bandwidth to send it all out to millions of users quickly. That’s how people’s iPhones, PlayStations and copies of Microsoft Word all stay fairly seamlessly up to date with security fixes.

    None of that is happening with the manufacturers of the next generation of internet devices. Take, for example, Hangzhou Xiongmai Technology, based near Shanghai, China. Xiongmai makes internet-connected cameras and accessories under its brand and sells parts to other vendors.

    Read More