A study conducted by researchers from the University of Illinois at Urbana-Champaign, Stanford University and Avast Software, analyzed the use of IoT devices in homes around the world. According to the findings of the study, the leading continents in IoT use are North America, Western Europe and Oceania (50% and more), then South America, East Asia (30%), Eastern Europe, Southeast Asia, (20%-25%), North Africa and the Middle East, Central Asia (17%-19%) and finally South Asia (less than 10%). The continents also differ in the popularity of various IoT devices. While in North American, Internet-connected television or streaming devices, are the most popular ones, in South Asia, most of the IoT devices are surveillance devices. Although in all regions the security of these devices is lacking, there is still a variance in the level of security between them. In North American and West Europe, the study revealed less security related issues, in comparison to Central Asia, South American and Sub-Saharan Africa. The researchers also discovered that most of the devices are manufactured by a handful of popular vendors in all regions. The full study will be presented at the upcoming Usenix Security Conference 2019.
UK National Health Service (NHS) announced the beginning of collaboration with Amazon through the use of Amazon’s virtual assistant (Alexa). According to the announcement, Alexa will assist patients, especially those who cannot access the internet, to receive medical information from the NHS website by using basic voice commands. Alexa will use information from the NHS website to provide answers to questions such as the following ones: “Alexa, how do I treat a headache?” or “Alexa, what are the symptoms of flu?”. The goal of the plan is to reduce the pressure on the NHS in providing information for common health issues, and it is part of the NHS plan to make NHS services available digitally.
General Electric (GE) Healthcare and the US department of Homeland security each issued advisories alerting healthcare organizations from security vulnerability discovered in GE anesthesia devices. This vulnerability could enable an attacker to remotely control and change the parameters of the anesthesia device. According to the recommended mitigation steps in the advisories, health organizations should only use secure terminal servers when connecting these devices to TCP/IP networks.
The Scottish government published a notice, looking for Internet of Things (IoT) suppliers to take part in a dynamic purchasing system of IoT technologies intended for the public sector (including universities, health sector and voluntary and charity organizations). According to the notice, although the Scottish public sector is in its early stage in IoT use, a growth is expected in the matter during the next two years. This announcement follows the launching of IoT Scotland which took place earlier this year.
According to publication, the Tasmanian Government plans to invest $150,000 into an energy and IoT startup accelerator operated by EnergyLab. The program aims to provide solutions in the field of clean energy startups. The funding is part of an overall governmental budget of $900,000 dedicated to promoting Tasmania’s start-up ecosystem.
UK Science Minister Chris Skidmore announced the names of 31 tech-agriculture projects that will receive government funding worth £22 million with an additional industry contribution of £8.8 million. The projects involve the use of Internet of things (IoT) and artificial intelligence (AI) technologies in agriculture to cut down on pollution, minimise waste, and produce more food. The projects include the use of electricity instead of chemicals to kill weeds, development of ground penetrating radars, underground scans, and AI to monitor and identify crops ready to harvest, and the use of sensors and GPS trackers in farms to allow the cattle to graze freely.
The World Economic Forum (WEF), in collaboration with the G20 presidency, announced its plan to establish universal norms and guidelines for implementing smart city technology. The collaboration which will be named the Global Smart Cities Alliance will bring together members from the G20, municipal and regional leaders, national governments, private sector partners and cities’ residents to deal with smart city technologies. The aim of the initiative will be to define a collective set of principles and standards for the responsible collection and use of data in urban environments. The Internet of Things, Robotics and Smart Cities team in WEF’s Centre for the Fourth Industrial Revolution Network will lead the process.
The US Food and Drug Administration (FDA) issued a warning about cybersecurity risks affecting Medtronic insulin pumps. According to the warning, the vulnerabilities enable unauthorised persons to connect wirelessly to the pump and to alter the pump’s settings, leading to changes in blood sugar levels and possibly diabetic ketoacidosis. The company recalled the faulty pumps and provided alternative pumps to patients. So far, the FDA has not received any reports of patient harm related to the potential cybersecurity risks.
Brazilian President Jair Bolsonaro and the Head of Broadcasting at the ICT Ministry (MCTIC) Elifas Gurgel, published a new decree detailing a national Internet of things (IoT) plan. The plan aims to promote the development and implementation of IoT in various fields in Brazil while relying on free competition and circulation of data while following security and privacy guidelines. The decree defines IoT infrastructure and IoT devices, the objectives of the plan, while stating that all developed IoT measures must be aligned with the national digital transformation strategy issued in March 2018. The decree also requires the establishment of an advisory body named the Management and Monitoring Chamber for the Development of machine-to-machine and Internet of things communication systems (IoT Chamber). The IoT Chamber's role will be to; supervise and evaluate the implementation of the IoT plan, encourage partnerships between public and private entities, initiate projects with public entities to promote the use and development of IoT solutions. The IoT Chamber will be composed of representatives from: the Ministry of Science, Technology, Innovation, and Communications (who will chair it as well); the Ministry of Economy; the Ministry of Agriculture, Livestock, and Supply; the Ministry of Health; and the Ministry of Regional Development.
The US National Institute of Standards and Technology (NIST) published NISTIR 8228- Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. The report provides guidance for federal agencies and other organisations on how to manage risks associated with IoT devices through their life cycles. The guide begins by addressing the magnitude of IoT devices used by organisations, highlighting the differences between connected and conventional IT devices concerning their impact, daily management, and their cybersecurity and privacy capabilities. It defines three possible risks organisations need to consider when using IoT devices: device security, data security, and individual privacy. It concludes with the following recommendations. (a) organisations need to consider the security and privacy risks when using IoT devices. (b) They need to adjust and customise policies and processes to address cybersecurity and privacy risks throughout the lifecycle of their IoT devices. (c) Companies need to implement the aforementioned updated mitigation practices. The publication is the first in a series of future NIST publications related to IoT.