IoT takes aim at social distancing

As many part of the U.S. are at least partially lifting lockdown sanctions prompted by the COVID pandemic, questions about the safety of those moves remain. IoT technology, however, might help alleviate some of those concerns.

The degree to which it’s safe to reopen certain workspaces hinges in large part on how strictly social distancing practices are followed, and IoT technology may have a role to play. Companies like Genetec, a building management and security firm, are rolling out products designed to help businesses manage their facilities during the pandemic.

Genetec’s clearly-labeled Occupancy Management Package leverages the company’s expertise in smart vision technology to track people throughout defined areas of a facility, and keep track of whether any limits on occupancy are being breached.

The system can work with either a standard camera with an optical people-counter module attached to it, or with a dedicated LIDAR sensor. The data is sent via either Ethernet or Wi-Fi over the client’s network to Genetec, which makes it available asa graphical representation of a space’s occupancy data via a web portal. The system can then alert employees if a particular area is overcrowded or distancing rules are being violated. Audit reports can be produced to demonstrate a client’s compliance with applicable public policies.

Another company using cameras to help fight the pandemic is Viper Imaging, which until recently used thermal cameras to track small temperature abnormalities in industrial settings. After a high-speed pivot, the company now says that its cameras can be used to spot people with elevated body temperatures in crowds, providing a screening option for organizations with that need.

Ubigreen’s Smartdesk takes a slightly different tack in its attempt to address social distancing requirements. A small, AAA-battery-powered wall-mount sensor tracks room occupancy via an infrared sensor and reports back its findings via a low-power Sigfox network. Like Genetec’s product, Smartdesk feeds back into a web portal and real-time API that can give at-a-glance occupancy information for a pre-defined area.

Kaiji rears its ugly head

Security researchers at malware analysis firm Intezer announced last month that it had identified a new botnet dubbed Kaiji operating in the wild. Unusually, this is a piece of malware apparently developed entirely from scratch – most IoT botnets steal code from one another or otherwise build on each other’s techniques – and it seems to have very clearly originated in China, given the apparent inclusion of lots of Chinese text throughout its source code.

According to an Intezer blog post, Kaiji targeted different types of servers and IoT devices, and may have been a trial run for future attacks. The malware infects devices via SSH brute force attacks, and has the capability to perform eight different types of DDoS attack.

IoT botnets, sadly, are hardly a new phenomenon – Mirai is the one that everyone remembers, but dozens of others have been unearthed by security researchers over the years. The relatively weak security measures present on a still-large subset of IoT devices makes them tempting targets for bad actors.

Microsoft puts out bounties on Azure IoT bugs

Microsoft announced in early May that it would open a bug bounty program designed to find vulnerabilities in its Azure Sphere IoT security framework to the general public, after offering Azure Sphere as a target for select researchers at last year’s Black Hat event.

Awards of up to $100,000 are available for demonstrated remote code execution on particularly critical parts of Azure Sphere, including the Pluton security subsystem and the Secure World software subsection, both of which are integral to defending the platform against compromise.

The Azure Sphere-specific program will remain open for three months, between June 1 and August 31, but the general Azure Bounty Program remains open for other parts of the Azure ecosystem.