The trend towards connecting more and more everyday devices in our private households – the Internet of Things (IoT) – is continuing unabated. However, in all the enthusiasm surrounding these little technical gadgets, awareness of the risks associated with IoT devices seems to have fallen by the wayside. Highly efficient minicomputers need the same protection as laptops or tablets – however, nowadays that is still just wishful thinking in many cases.
To delve more deeply into the topic, Sophos has set up the research project “Haunted House”. Together with Koramis, a specialized company in the field of automation and security, a continuous attack analysis and an assessment of smart homes will be conducted over a period of several weeks. A virtual smart home, simulated for this purpose and including original control and network infrastructures, has been set up will be used as a potential target of attack and left exposed on the Internet. The different types and targets of attack can then be closely examined under the microscope using this honeypot. At the same time, the experts will scan the Internet for smart home components that are ACTUALLY available and include these results in the analysis.
The results of this examination will be compiled in a whitepaper with the aim of shedding light on the quality, quantity, and aggressiveness of attacks as well as on any potential physical and personal risk. So that the “Haunted House” can reach as broad an audience as possible and to help increase awareness to ensure responsible use of IoT devices going forward, a large-scale, interactive 2D exhibit has also been set up and can be seen at CeBIT, 20-24 March. It will demonstrate the infrastructure of a smart home and visualize potential hacks, e.g. takeover of cameras or activation of lighting systems live via installed illuminants or camera systems.