Australia Markets open in 49 mins

Warning of IoT security 'reckoning' ahead

Luke Costin

A risky culture of chasing profits at the expense of protecting customers will bring a "reckoning" on internet security for tech companies and users, the European Union's former top police officer says.

Rob Wainwright, who stepped down this month after nine years as the director of EU police agency Europol, said manufacturers of internet-capable devices have followed an overwhelming commercial imperative to be first to market and to get their latest inventions out as quickly as possible.

"As for security, it's 'let's release now and patch later' or very often 'release now and don't patch at all'," the former British intelligence analyst told the CeBIT Australia technology conference in Sydney on Tuesday.

"That has to change.

"There will be reckoning around how the internet is made more secure in the future."

Symantec's chief technology officer Hugh Thompson told the conference the "weaponising" of the internet of things has gone from something that could make a really good novel to a daily issue.

Internet-capable devices can be operated remotely, whether it be to inflict large-scale digital sieges, spy on users or operate in a dangerous fashion.

"It's becoming commonplace now to have pedestrian objects, such as your washing machine, connect to the internet," Dr Thompson said.

"These devices ... have moving parts, heating elements and can potentially flood the home."

Complicating the matter, most people can't sense danger on the internet as they can when walking in a rough neighbourhood, Dr Thompson said.

The cybersecurity executive suggested businesses make it easier for users to understand risks by placing labels on connected devices - similar to nutrition panels on food packs - that clearly identify potential cyber threats.

"They can see the utility, they can see the price but what about risk?" he said.

"When I look at a nutrition label ... I can say that candy bar is very delicious but maybe I shouldn't eat it.

"We can do the same thing with IoT devices."