Reading time ( words)
Sure, smart technology is pretty handy. For instance, a moment ago, I said, “Alexa, play John Coltrane,” and the Village Vanguard show came on. But how vulnerable are we to hackers who want to steal our data through these connections, and what can be done to secure these devices?
Happy Holden and I put this question to John Watson, CID, of Legrand, a company that makes smart lighting systems, among other things. Watson describes some of the techniques Legrand uses to keep their systems from being hacked and explains why each new IoT device is a potential target. Maybe Happy has the right idea; he’s still using a 3G flip phone.
Andy Shaughnessy: John, Legrand does smart lighting systems, and IoT security is a big concern for you. Tell us about that.
John Watson: Part of the business at Legrand is lighting systems, but we also control lights, data, and power. We revolutionize the places where people work, live, and play. We are an international company with 96 sites around the world. Our site in the U.S., the one where I work, produces building control systems. My office is in Carlsbad, California, and we do anything that is involved with revolutionizing smart homes, IoT, and getting all those kinds of devices into a home that control lights, shading, special power sockets, etc.
Shaughnessy: You work with technology that turns the lights on, automates the controls, etc. You mentioned earlier that you worry quite a bit about security. How do you keep these smart systems secure?
Watson: Security is big. We have gone over to wireless. We’re able to take a sensor that controls any of the series of lights in a building and control that through a central hub. It used to be hardwired with a CAT-5 connection from the hub to the light controller itself. We’ve transitioned to a wireless setup where they communicate under a protocol wirelessly. The big problem with that is this is an open signal that could be tapped. Several years ago, a casino in Reno was robbed. The hackers got into the mainframe through a fish tank, of all things. It was a smart fish tank that someone could monitor or control remotely, and it was unsecured. From there, they were able to start transferring funds from the casino. It was huge.
Shaughnessy: Without a gun.
Shaughnessy: You have to admit that was kind of clever.
Watson: Sure. With these great hardware advancements, how we secure these networks has now become a major issue. We have a hardware identification embedded into our hardware so that each one of those is controlled by a Mac address. That’s all I can say about how we’ve done this, but it’s something that has to go hand in hand with design now. We can’t depend on firmware to secure our systems.
To read this entire interview, which appeared in the February 2020 issue of PCB007 Magazine, click here.