Manufacturers need to design internet-connected devices with security in mind

Manufacturers design internet-connected devices

Commenting on the security vulnerabilities uncovered in smartphones, internet-connected TVs and other devices, Martijn Verbree, partner in KPMG’s cyber security practice said:

1000

Also on KPMG.com

“It may come as shock but security vulnerabilities exist in pretty much every internet connected device.  When internet connected devices are made, security may be an afterthought in the design process and not part of the initial thinking. Many connected TVs were designed to be TVs first and then with some computing functionality, an operating system, apps, a few sensors and Wi-Fi connection bolted onto it.

“The lack of security by design will change over time when the industry matures: we have already seen this take place with smart phones, which are now a lot better protected and better patched, although far from secure.

“The vulnerabilities uncovered pose a low risk to the general public at the moment.  However, you can imagine that a lot of security folks will try to reverse engineer it right now – including criminals, hostile nation states, universities etc.  With the exploits most likely requiring a piece of malware to be installed on the TV itself - either through physical access, or the consumer clicking on a bad link or by downloading an infected app – it makes it relatively hard to target specific individuals. 

“Fixing this will be hard and the most likely fix will be via a software patch. But the challenges are, what other vulnerabilities already exist and how manufacturers get the patches out?  Yes, some TVs are internet-connected and could have the firmware updated remotely.  However this typically requires some consumer intervention and that being manually done by a consumer isn’t easy to achieve.

“Vendors will need to take responsibility and provide fixes to vulnerable devices, even if they’re over their normal warranty period.”

 

ENDS

 

For media enquiries, please contact:

Nahidur Rahman, Senior PR Manager

T: +44 (0) 20 7694 8812

M: +44 (0)73 9376 0775

E: nahidur.rahman@kpmg.co.uk

 

Follow us on twitter: @kpmguk

 

KPMG Press Office:

T +44 (0)207 694 8773

 

Notes to Editors:

 

About KPMG

KPMG LLP, a UK limited liability partnership, operates from 22 offices across the UK with approximately 13,500 partners and staff.  The UK firm recorded a revenue of £2.07 billion in the year ended 30 September 2016. KPMG is a global network of professional firms providing Audit, Tax, and Advisory services. It operates in 152 countries and has 189,000 professionals working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity.  Each KPMG firm is a legally distinct and separate entity and describes itself as such. 

Connect with us

 

Request for proposal

 

Submit

KPMG’s new-look website

KPMG has launched a state of the art digital platform that enhances your experience and provides improved access to our content and our people, whatever device you are on.