Updates

Internet of Things (IoT)

2019

US cybersecurity company, Palo Alto Networks published a report, according to which a new variant of Mirai malware has been discovered. Mirai is best known for being used in the 2016 distributed denial of service (DDoS) attacks. This time, the new variant targets devices such as routers, network storage devices, network video recorders, and IP cameras. This development, according to the report, indicates that Mirai might be used to target enterprises this time. The report warns that enterprises need to be aware of the status of their Internet of things (IoT) devices on their network and therefore should ‘change default passwords, ensure that devices are fully up-to-date on patches. And in the case of devices that cannot be patched, to remove those devices from the network as a last resort’.

The Canadian Multistakeholder Process for Enhancing IoT security issued a draft report on securing the Internet of things (IoT) for public consultation. The report deals with the following topics (a) definitions and standards concerning the security of IoT devices; (b) guidelines ensuring the security of IoT devices during their lifespan (from development and production to continuous daily use); (c) recommendations for a national policy on IoT security for Canada. The Canadian Multistakeholder Process is a partnership of the following entities: ISOC-Canada, the Ministry of Innovation Science and Economic Development (ISED), the Canadian Internet Registration Authority (CIRA), Canadian Internet Policy and Public Interest Clinic (CIPPIC), and CANARIE (an organisation in charge of developing components of digital research infrastructure for Canada's research, education and innovation communities). The report was written by three sub-groups created by the Canadian Multistakeholder Process: the network resiliency working group (NRWG), the device labelling and trustmarks working group (DLTWG), and the consumer education working group (CEWG). Each group addressed different issues and suggested its own conclusions and recommendations in the report. The public can comment on the draft report until 29 March 2019.

The Internet of Things (IoT) Cybersecurity Improvement Act was introduced simultaneously in the US Senate and the House of Representatives. According to publications about the matter, the proposed legislation aims to improve the security of IoT devices purchased by the government. The bill recommends for the National Institute of Standards and Technology (NIST) to be in charge of issuing periodical recommendations for the federal government concerning cybersecurity, identity management, patching, and configuration management of IoT devices. Vendors that provide IoT devices to the federal government would have to comply with NIST recommendations in the matter (e.g. accepting security patches, changing passwords) and they will have to adopt co-ordinated vulnerability disclosure policies, which means that once a vulnerability is uncovered, that information should be published and disseminated. In addition, the NIST will be in charge of working with cybersecurity experts to address any possible vulnerabilities related to governmental IoT devices.

Arizona prosecutors decided not to press charges against Uber following the accident in which one of its self-driving cars killed a pedestrian a year ago. The County Attorney's Office ruled that there is no basis for criminal liability for Uber, but recommended that the Tempe Police Department continue its investigation concerning what the back-up driver saw or should have seen during the ride, given the overall driving conditions. The preliminary report of the National Transportation Safety Board in the matter suggested the sensors on the vehicle were working correctly, but that emergency braking manoeuvres were disabled. In such a case, the vehicle operator should have intervened and taken action. Following the crash, authorities in Arizona suspended Uber's ability to test self-driving cars in the state and the company resumed its tests three months ago in Pennsylvania.

Chaesub Lee, the director of the International Telecommunication Union’s (ITU) Telecommunication Standardization Bureau (TSB), addressed the topic of driverless cars during the Geneva International Auto Show. In his speech, he described the ongoing collaboration between ITU, United Nations Economic Commission for Europe (UNECE), and industry players (e.g. Volkswagen Group, Blackberry, China’s Telematics Industry Application Alliance) in shaping international standards for smart transportation systems. He emphasised how collaboration in standardisation can build mutual trust, necessary for any future development.   

Egypt’s main telecom company, which is owned by the Ministry of Communications and Information Technology, Telecom Egypt, signed a memorandum of understanding (MoU) with Nokia aimed to foster technological development in Egypt. According to the MoU, both companies will work together to deploy 5G network, to build the first cloud infrastructure in Egypt exclusively for Internet of things (IoT) and to promote the development of an IoT partner ecosystem in the country.

Pages

 

The GIP Digital Watch observatory is provided by

 

 

and members of the GIP Steering Committee



 

GIP Digital Watch is operated by

Scroll to Top