
Greetings from Ukraine, a European country with a real Great War right now.

I must say, we see extreme growth of cyber-crime as part of modern war. I think that in the nearest future, a cold war will be guaranteed to have a huge cyber-crime part.

And hacking of IoT devices has a very significant share of cyber-crime now. For a real war it is a question of life and death, because hacked devices with radio emissions are used by hostile intelligence to find targets for heavy-weapon attacks; we have also seen cyber attacks on electric-energy infrastructure, intended to cause a blackout (fortunately for us, unsuccessful).

Chinese IoT devices are a very special part of the question: in many cases they are connected to Chinese clouds, and this is also extremely dangerous, not only because of potential unfriendly Chinese moves, but also because their security is not good enough, so in many cases cyber-crime could intercept communications and interfere with the operation of the device or even hijack control.

For example, there exist smart door locks with cameras, and I hear hackers hacked them and used them to observe the work of air defense, so the enemy could tune their air attacks to do more harm.

In civilian life without war, videos from hacked door locks (or other IoT cameras) could be used for illegal surveillance, to coordinate riots, etc.



Hi and thanks for commenting. My concern with this topic is motivated in part by the AcidRain family of energy infrastructure attacks and the larger questions they raise about infrastructure security. Teardowns on Chinese-sourced equipment have been somewhat worrying as well -- one report I've read highlighted about two dozen versions of SSH in a single base station. Best wishes and good luck.


Can you share this report?


> the larger questions they raise about infrastructure security.

Not your mission to fix a network design problem which should air gap all of those devices. USA taxpayers can't afford your agency scope creep.


I'll bite - so how do we get all those "air gapped"?

It's a leading question of course.


The example was "energy infrastructure", so network groups in those firms use their skills to set it up.

If any government group should be providing guidance and best practices on how to air gap devices, maybe NSA should write the standards. This FCC proposal looks like a ploy to spend the ever-growing pot (reportedly ten billion USD each year) from the regressive USF phone bill tax instead of reducing the USF tax.

As mentioned in another comment, a plug-and-play home device which provides network isolation and filtering for IoT devices may have a market. I would likely be a buyer at home.

"The bigger culprit is the FCC’s spending on USF, which is close to $10 billion per year, practically doubling in size since 2001."

https://www.commerce.senate.gov/2023/5/sen-cruz-it-s-past-du...


I'm talking way out of my pay grade here.

> If any government group should be providing guidance and best practices on how to air gap devices, maybe NSA should write the standards.

I guess this is a bad joke? It's hard to tell w/ the internet.

> This FCC proposal looks like a ploy to spend the ever-growing pot (reportedly ten billion USD each year) from the regressive USF phone bill tax instead of reducing the USF tax.

I can agree this is what it is under the hood [0].

> As mentioned in another comment, a plug-and-play home device which provides network isolation and filtering for IoT devices may have a market. I would likely be a buyer at home.

Here's the key - there isn't a market. Otherwise there would already be one (you are unique). That's the crux of the problem. IoT is a race to the bottom when it comes to consumers. Consumers compare "smart devices" to what they already have - a light switch, a light bulb - commodities - they don't think about security until it's too late.

So, that leads to:

> If any government group should be providing guidance and best practices on how to air gap devices

You can't have "guidance" and actually get anything done in the consumer devices space. Standards and certifications - rejection of devices that don't meet them.

When it comes to dealing with communications FCC is the 3-letter-agency, and there's no changing that.

I guess the question boils down to - mass spying on Americans with un-secured devices sending data to China or let the FCC handle the problem by potentially expanding the USF?

[0] https://docs.fcc.gov/public/attachments/FCC-23-65A1.pdf page 45


UL tests and certifies electrical devices voluntarily. I would like to see improvement on an industry basis without more government regulation. Apparently people voluntarily purchase carbon offsets when purchasing airline tickets, do people pay for non-tangibles.

Open standards of TCP/IP allowed for tremendous innovation, unlike the old Bell System which regulated through monopoly what could be attached to the network.


NSA Standards here are non-binding unless regulated by the FCC.



