Water Supplies, Smart Grids, Personal Privacy, and Elections As Targets: An IoT Governance Ecosystem Can Improve Security
By Lori Cameron
Share this on:
On October 21, 2016, numerous platforms and services—including Amazon, Twitter, Spotify, and the New York Times—were shut down by an overwhelming denial-of-service attack targeting Dyn, which is an internet performance, online infrastructure, and domain registration services company that serves users across Europe and North America.
The attack was executed using malware called Mirai, which converted numerous Internet-of-Things devices, such as cameras and wireless devices, into bots that flooded targets with traffic, essentially shutting them down.
While services were eventually restored, researchers have grown increasingly concerned about the potential for widespread attacks on even more highly sensitive targets such as water supplies, home devices, elections, and infrastructure systems, putting large segments of the population at risk.
IoT poses serious cybersecurity risks “around privacy and security protections, especially when they’re used in mission-critical systems. In essence, IoT applications amplify vulnerabilities in existing software and hardware,” they add.
The authors propose the formulation of principles as a means to unify the multiple bodies and organizations involved in an IoT governance ecosystem:
The structure of the Internet governance ecosystem should ensure the meaningful and accountable participation of all stakeholders, including governments, the private sector, civil society, the technical community, the academic community, and users.
Global IoT governance ecosystem models should be open, participative, transparent, and consensus-driven.
Internet governance should be carried out through a distributed, decentralized, and multi-stakeholder ecosystem.
Many of these principles were developed from the NETmundial Multistakeholder Conference held in 2014. Any weaknesses in the governance model can be addressed through accountability, transparency, and “an open and participative dialogue for constructing the IoT governance ecosystem,” say the authors.
Related research on digital, computing, and internet governance
Lori Cameron is a Senior Writer for the IEEE Computer Society and currently writes regular features for Computer magazine, Computing Edge, and the Computing Now and Magazine Roundup websites. Contact her at firstname.lastname@example.org. Follow her on LinkedIn.