Wanted: Smart Public Policy for Internet of Things Security

Without us even knowing it, the connected devices in our homes and businesses can carry out nefarious tasks. Increasingly, the Internet of Things has become a weapon in hackers’ schemes. This is possible in large part due to manufactures’ failure to program basic security measures into these devices.

Now, experts in the U.S. are asking regulators to step in. Calls for public policy to improve device security have reached a fever pitch following a series of high-profile denial-of-service attacks leveraged in part by unsuspecting DVRs, routers, and webcams. In October, hackers flooded the Internet service company Dyn with traffic by assembling millions of IoT devices into a virtual botnet using a malicious program called Mirai.

“The problems are not problems that markets can solve,” says Bruce Schneier, a security specialist affiliated with Harvard University who has asked for more regulation. He says attacks like the one on Dyn are akin to air pollution—an externality that manufacturers aren’t motivated to fix.

In light of recent attacks, it’s clear that Internet of Things (IoT) devices will continue to serve on the front lines of botnets if their security isn’t somehow improved. And to critics,…[Read more]