Feds em­pha­size risks to de­vices from hack­ing

Baltimore Sun - - FROM PAGE ONE - By Tami Abdollah

WASH­ING­TON — The Obama ad­min­is­tra­tion has urged com­pa­nies to make mil­lions of de­vices safe from hack­ing, un­der­scor­ing the risks posed by an in­creas­ingly be­wil­der­ing ar­ray of in­ter­net- con­nected prod­ucts per­me­at­ing daily life, cover­ing every­thing from fit­ness track­ers to com­put­ers in au­to­mo­biles.

In a re­port ob­tained by The As­so­ci­ated Press, the Home­land Se­cu­rity De­part­ment de­scribed run­away se­cu­rity prob­lems with de­vices that have been made in­ter­net-ca­pa­ble in re­cent years, a group that in­cludes med­i­cal im­plants, sur­veil­lance cam­eras, home ap­pli­ances, dig­i­tal video recorders, ther­mostats and baby mon­i­tors.

It said they posed “sub­stan­tial safety and eco­nomic risks,” rec­om­mend­ing im­me­di­ate ac­tion by soft­ware and hard­ware de­vel­op­ers, ser­vice providers, man­u­fac­tur­ers and com­mer­cial and gov­ern­ment buy­ers. No spe- cific penal­ties were pro­posed for man­u­fac­tur­ers fail­ing to com­ply. No blame was placed on con­sumers buy­ing and op­er­at­ing such prod­ucts.

“The grow­ing de­pen­dency on net­work- con­nected tech­nolo­gies is out­pac­ing the means to se­cure them,” Home­land Sec­re­tary Jeh John­son said.

The de­part­ment’s strat­egy rep­re­sents an at­tempt to or­ga­nize the so-far scat­tered cy­ber­se­cu­rity ef­forts for the cat­e­gory of de­vices known as the “in­ter­net of things.” It comes less than a month af­ter hack­ers har­nessed an army of 100,000 in­ter­net-con­nected de­vices around the world to at­tack Dyn Co., which helps route in­ter­net traf­fic to its des­ti­na­tion. It caused tem­po­rary in­ter­net out­ages to sites that in­cluded Twit­ter, PayPal, Pin­ter­est, Red­dit and Spo­tify.

Such threats are likely to in­crease, U.S. of­fi­cials warn.

“Se­cur­ing the in­ter­net of things has be­come a mat­ter of home­land se­cu­rity,” John­son said. Tues­day’s guid­ance, he added, should help com­pa­nies “make in­formed se­cu­rity de­ci­sions.”

The re­port cul­mi­nates a six-month re­view by Robert Sil­vers, the as­sis­tant Home­land Se­cu­rity sec­re­tary for cy­ber pol­icy, who co­or­di­nated with cy­ber­se­cu­rity ex­perts, in­dus­try as­so­ci­a­tions and branches of the gov­ern­ment such as the Jus­tice and State de­part­ments. They spoke about pos­si­bly hold­ing com­pa­nies ac­count­able through prod­uct li­a­bil­ity prin­ci­ples and how to cre­ate a uni­form rule book for se­cur­ing these de­vices.

“We need to have a very se­ri­ous na­tional con­ver­sa­tion about what the ap­proach is, and we need to do it ur­gently,” Sil­vers said.

The in­ter­net of things is de­cen­tral­ized and enor­mously com­plex, mak­ing it dif­fi­cult to reg­u­late. A cam­era with on­line ca­pa­bil­i­ties may be de­signed in Cal­i­for­nia, man­u­fac­tured in China with parts from Tai­wan and sold to some­one who op­er­ates it on Ger­many’s net­work. Sil­vers said there is no ben­e­fit to “190 dif­fer­ent na­tional ap­proaches.”

JEFF CHIU/AP

Robert Sil­vers, as­sis­tant Home­land Se­cu­rity sec­re­tary, urges the tech in­dus­try to bol­ster se­cu­rity amid a grow­ing de­pen­dency on net­work-con­nected tech­nolo­gies.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.