Is there a solution to the hacking problem behind the convenient IoT world?
The world is getting smarter. As various products in our daily life are connected to the network, it is now possible to easily control devices ‘anytime, anywhere’ by remote control. In addition, more companies are introducing “smart factories” that collect data during the production process to increase work efficiency. The foundation of these technologies is the internet of things, aka IoT.
According to research report "IoT Technology Market with COVID-19 Impact Analysis, by Node Component (Sensor, Memory Device, Connectivity IC), Solution (Remote Monitoring, Data Management), Platform, Service, End-use Application, Geography - Global Forecast to 2027" by MarketsandMarkets, the IoT technology market is expected to grow from USD 384.5 billion in 2021 to USD 566.4 billion by 2027, at a CAGR of 6.7%. IoT is expected to be deployed more and at an ever increasing rate worldwide.
However, since IoT must be connected to networks, IoT devices are subject to hacking. Summing up hacking scenarios for IoT, the first thing that comes to mind is invasion of privacy. For example, when microphones and/or cameras installed in your smart home appliances such as your smart TV, smart refrigerator, or artificial intelligence speaker are hacked, and your private video is leaked.
Digital door locks and gas valves installed at home can also be hacked, threatening the safety of you and your family. These hacks are usually done by exploiting vulnerabilities in IoT devices, with many users failing to update devices even when patches that improve security are released.
Another scenario is hacking of infrastructure. If forged data is transmitted to the traffic management system, or if a medical device is hacked and a fatal dose is injected into a person, the results can be catastrophic. Likewise, cases of factory machinery malfunctioning due to hacking or the control system being occupied by hackers, paralyzing the production process, have also been reported.
One of the typical vulnerabilities of IoT devices is a preset password. In general, when an IoT device is produced in a factory, a password is set arbitrarily, and some users use the device without changing it. This of course is easy access for hackers and even after having changed the password, you still remain a target.
In addition, IoT devices often have low specifications and low power because they are made of inexpensive parts with relatively poor performance. Therefore, it is difficult to install additional security solutions into IoT devices due to the requirements of the high-power and high-performance IoT environment. It means that hacking cases targeting these security vulnerabilities may occur frequently in the future.
As a result, for the security of IoT devices, a technology reinforcing the authentication process is required. As One-Time Authentication Code (OTAC) generates a dynamic code that always changes, it solves the problem of hacking and abuse of IoT devices. Even if someone steals the authentication information, it can’t be reused because the dynamic code of OTAC changes every time. By applying a micro-algorithm code, OTAC doesn’t require high computing power and can be sufficiently applied to low-performance IoT devices.
In addition, OTAC generates a dynamic code even in the off-the-network environment. This can be essential in places where the communication network environment is lacking, such as an underground space or a remote location. Since the OTAC code has a unique, non-overlapping value, it is possible to identify the actual user of the device and prevent illegal use.
Convenience through IoT is a key benefit of modern technology that can’t be given up. However, preparations for IoT security are lagging behind. The resulting damage is getting closer and closer to reality in various forms, from invasion of privacy to accidents in human life. It is high time for ‘security’ to become an essential element in IoT.