Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

FTC Seeks Tools for Securing Home IoT Devices

The U.S. Federal Trade Commission (FTC) announced on Wednesday the launch of a contest that aims to find solutions for securing the Internet of Things (IoT) devices deployed in consumers’ homes.

The U.S. Federal Trade Commission (FTC) announced on Wednesday the launch of a contest that aims to find solutions for securing the Internet of Things (IoT) devices deployed in consumers’ homes.

The IoT Home Inspector Challenge seeks a technical solution for addressing vulnerabilities in IoT devices. The FTC said the tool can be a physical device installed on the user’s home network, an app, a cloud-based service, or a dashboard.

The minimum requirement is that the tool addresses vulnerabilities caused by outdated software, but it can also include other security features, such as ones designed to mitigate the risk of hardcoded or weak passwords.

Participants will need to submit an abstract, a short video demonstrating how the tool works, and a detailed technical explanation. However, a fully functional prototype is not required as long as there is enough information to evaluate the tool. The winning submission will be selected based on criteria such as scalability, user-friendliness and how well it works.

Submissions will be evaluated by a panel of five judges. The top prize is $25,000, but the FTC is also prepared to reward three other competitors with up to $3,000.

The FTC has pointed out that proposed solutions must work on existing IoT products, they must properly protect the information they collect, and they must avoid introducing additional security risks.

Registration will open on or around March 1 and contestants must enter their submissions by May 22. In the first round of the challenge, up to 20 participants will be selected based on the videos and abstracts they submit. In the next and final round, contestants will have to provide a detailed explanation of how their solution works. Winners will be announced on July 27.

IoT botnets such as Mirai and BASHLITE, which have hijacked and abused millions of devices worldwide, have made companies and governments realize the importance of securing Internet-connected devices.

Advertisement. Scroll to continue reading.

The FTC is not the only organization offering a reward for IoT security solutions. In October, the non-profit research and development organization MITRE announced a prize of $50,000 for novel ideas in detecting rogue IoT devices on a network. MITRE’s challenge is expected to end in mid-January.

Related Reading: Solving IoT Security – Pursuing Distributed Security Enforcement

Related Reading: IoT Malware Will Soon Surround Us

Related Reading: DDoS Attacks Are Primary Purpose of IoT Malware

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...