The government is taking a more active hand in establishing security protocols for at least one part of the Internet of Things. Specifically, new guidelines are being drafted by the FDA to set minimum security standards for ‘smart’ medical devices.
In recent months, a number of security researchers have demonstrated the ability to hack into a variety of medical devices that, if breeched, could result in serious injury or death.
These devices include pacemakers that can shock the user’s heart until death occurs, or simply not respond when they’re needed, and insulin pumps that can be remotely ordered to withhold their dose, or give a fatal overdose and more.
These security flaws are part of a much larger problem with the IoT. That problem is that the manufacturers of these devices have shown almost no interest in providing even rudimentary security protocols, which makes them incredibly easy for even low-skill hackers to commandeer.
We’ve already seen some of the consequences of this course of action. Incredibly large botnets have been used to launch devastating DDOS attacks against a variety of targets. In fact, such an attack recently brought down the internet for much of the east coast not long ago, and the attack was carried out, in large part, by an army of smart internet-connected devices under hacker control.
As bad as that is, at least no one gets physically injured or killed when a website crashes, which is why the government is stepping in and introducing guidelines.
The day may come when strict standards are in place for all internet-connected devices, and this is a strong step in the right direction. At the very least, the new standards will make it significantly more difficult for hackers to kill someone by doing what they do.