Page 18 - IO_magazine
P. 18
Research
MANAGING THE
UNMANAGEABLE
By 2030, there will be about three hundred The researchers launch attacks on Internet-of-Things devices
themselves in a test setting to see where the vulnerabilities
billion devices connecting to the internet are and how attackers can take advantage of them. In addi-
worldwide. How do you secure such a network tion, they study the subject from a criminological point of
view: What priorities does an attacker set? And to what
of systems? In the eight-year INTERSECT pro - end? They also investigate how attacks can be prevented
gramme, researchers from various disciplines or repelled. What vulnerabilities should definitely be fixed
because they are of interest to attackers? And which are less
are formulating guidelines for the design, important? Etalle: ‘Every system is full of vulnerabilities, but
you don’t have to fix all of them. We focus on the vulnerabili-
management and maintenance of smart ties that can be and actually are exploited.'
connected applications such as coffee
A LOT OF INTEREST
makers, street lighting, and body sensors.
This subject is clearly relevant to civil society organisations,
By Sonja Knols companies and universities, says Etalle. ‘This is the first
major multidisciplinary project in the field of cybersecurity,
‘The Internet-of-Things offers possibilities that greatly exceed and a lot of companies immediately expressed their interest
the computer systems we know today,’ says programme leader in committing to it. INTERSECT is about how to secure
Sandro Etalle from Eindhoven University of Technology. ‘But something that is inherently unmanageable. That is a great
the impact of an Internet-of-Things systems hack can be huge. challenge we will firmly dig in to over the coming years.’
Take the example of smart houses: instead of arriving with a
screwdriver or glass cutter, burglars can now open your front
door remotely through a targeted hacking attack.’ In addition,
IoT-devices themselves can be used to perform Distributed INTERSECT: AN INTERNET
Denial of Service (DDoS) attacks, such as the 2016 attack on
DNS provider Dyn by hundreds of thousands of infected OF SECURE THINGS
devices like digital video recorders and IP cameras.
The INTERSECT project is funded by the first round
SPACE, TIME AND STRUCTURE of the Dutch Research Agenda – Research along
routes by Consortia (NWA-ORC) programme.
Within the INTERSECT programme, more than 45 affiliated
partners examine both the design and security as well as the Size: 8.2 million euros, 35 FTE
management of Internet-of-Things systems. The researchers Duration: 01/11/2019 to 31/10/2027
focus not just on technical questions, but explicitly on the Consortium: more than 45 participants from
relevant governance, criminological and legal aspects too. universities, companies, NGOs and government,
Three research dimensions have been defined within led by Eindhoven University of Technology
the programme, focussing on space, time and structure.
Questions that are tackled vary from ‘How do you patch a
myriad of completely different devices all over the world,
even in places where there is little access?’ to ‘How can we
make sure necessary software updates are provided for
older systems, even when the original manufacturer has
gone bankrupt?’ and ‘Which design choice leads to which
governance model?’
18
