Secure That Smart Toaster and Win $3,000
Amarita/Shutterstock.com
By
Joseph Marks
The Federal Trade Commission is offering cash prizes for tools that spot software vulnerabilities in connected devices.
The Federal Trade Commission is offering up to $25,000 in prize money for applications or tools that help people protect their smart home devices from hackers, according to a Federal Register notice.
The competition, which will announce winners in July, comes as the internet is creeping into more and more household devices ranging from baby monitors to toasters.
These internet-of-things devices are often less secure than traditional internet-connected devices such as laptops and smartphones. It’s also often more difficult to update the software in these devices to patch vulnerabilities, making them more vulnerable to hackers.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
The Mirai botnet, which last year knocked offline numerous high-profile websites, was powered largely by the computing power of IoT devices that had been hijacked unbeknownst to their owners.
IoT vulnerabilities could also enable targeted cyberattacks such as hacking into the video feed of a baby monitor or manipulating someone’s thermostat so their home is always too hot or cold.
Contest entries should, at least, protect consumers from vulnerabilities caused by out-of-date IoT software, according to the notice, but could also address other dangers such as spotting vulnerabilities in up-to-date software that manufacturers simply missed or forcing updates to factory default or easy-to-guess passwords.
The entries might be physical devices that assess IoT device security, the notice states. They might also be cloud-based applications that check for security updates for IoT devices based on their model numbers and provide instructions for how to install them.
“A dashboard or other user interface might inform the consumer about which devices were up-to-date already, those that had unpatched software vulnerabilities, and even those that the manufacturer no longer supported,” the notice states.
Entries are due May 22. Each honorable mention winner will receive $3,000, the notice states.
FTC urged IoT companies to address security vulnerabilities and adopt security best practices in a 2015 report. A presidential commission made similar recommendations in December.