THE HAGUE, Oct. 19 (Xinhua) -- Beyond technical measures, the adoption of the Internet of Things (IoT) has raised many new legal, policy and regulatory challenges, broad and complex in scope. In order to address these challenges, cooperation across different sectors and among different stakeholders is essential, Europol announced on Thursday.
Europol made this remark after a two-day conference jointly launched with ENISA, the European Union Agency for Network and Information Security, which was attended by more than 250 participants from the private sector, security community, law enforcement, the European Computer Security Incident Response Teams (CSIRT) community, and academia.
According to Europol, at least 20 billion devices are expected to be connected to the internet by 2020.
"It is important to understand how these connected devices need to be secured and to develop and implement adequate security measures to protect the IoT from cyber threats," the European Union's (EU) law enforcement agency said.
The risk of criminals "weaponising" insecure IoT devices was identified in 2014. It became a reality at the end of 2016 with several distributed denial-of-service (DDoS) attacks of unprecedented scale, originating from the Mirai botnet.
"It must be assumed that cyber criminals will develop new variants and enlarge the variety of IoT devices affected by this type of malware," said Europol.
"As securing the end device is often technically difficult and expensive to achieve, the focus should therefore be on securing the architecture and underlying infrastructure, creating trust and security across different networks and domains," it recommended. "There is a need to create stronger incentives to address the security issues related to the IoT. "
Strong cooperation is needed between law enforcement, the CSIRT community, the security community as well as the judiciary to effectively and efficiently investigate the criminal abuse of the IoT, and law enforcement needs to develop the technical skills and expertise to fight IoT-related cyber crime successfully, the EU's police agency added.
In the coming months, the ENISA will publish its first baseline good practices in addressing IoT security challenges.
