Stacey Higginbotham, Consumer Reports
More and more consumer products are connected to the internet. But when consumers keep connected devices such as routers and IoT products online after they have stopped receiving software and security updates, they become zombies, and are open to cyberattack. Zombie devices are connected devices that are no longer receiving security updates and are potential attack vectors. Nation states and malicious actors use these zombie devices to launch botnets, and access consumer networks. We can't take out all of the undead, but we can certainly reduce their number with policy tweaks, consumer education and industry changes. Manufacturers will have to design for longevity and recognize the obligations that come with selling connected products. Transparency around how long a manufacturer plans to support a connected device will help. As will education. Consumer Reports conducted a nationally representative survey in December that found four in ten (43%) owners of a connected device said that the last time they purchased one they were not aware that it might lose software support at some point. Consumer Reports will present model legislation, manufacturer best practices and an overview of current consumer understanding to help reduce the number of zombie devices in the wild.
Stacey Higginbotham has been writing about technology for 20 years in major publications such as Fortune, PCMag, IEEE Spectrum and MIT Technology Review. In 2015, Higginbotham founded "The Internet of Things Podcast" and a weekly IoT newsletter where she explained the latest IoT news, and tested the latest in consumer IoT devices. She is an accomplished speaker, keynoting several company and industry events covering the internet of things. Today she works with Consumer Reports on public policy work around security for connected devices.
