GRAND RAPIDS — When hackers shut down popular websites including Twitter and Spotify in October, they enlisted myriad devices, ranging from coffee makers and appliances to webcams, to carry out the attack.
While cybersecurity has been in the public eye for some time, hackers exploited these products because many consumers fail to practice the same security protocols on their connected home devices as they employ on their computers.
According to Matt Simms, president of Grand Rapids-based Simms Electronics Inc., the attack provided a wake-up call to many of his clients, who largely left device security for the end users to figure out. An electrical engineering and product development firm, Simms Electronics works with manufacturers to develop hardware and software for connected devices in a variety of industries.
“It’s opening up a whole new door,” Simms said of cyber attacks. “Small connected devices have been around for a long time, but now they’re getting into the home where people aren’t really paying attention to the security side of it. … When you buy a computer, you know there are threats, and (consumers) are aware you need to change passwords. But when you buy a refrigerator, you plug it in and it gets cold. You don’t think of setting up passwords for your refrigerator.”
For Simms Electronics, the vulnerabilities of connected devices create opportunities to educate the office furniture manufacturers and other commercial businesses that make up the company’s client base. Additionally, the publicity around recent incidents has helped Simms convince clients to integrate higher-security technology into the systems they develop.
“We make sure our clients keep their eyes on it,” Simms said. “I hate to say that the (attack) was a good thing, but for our clients it’s a wake-up call. (They) really need to look at this and be careful because you don’t want your devices being hacked.”
To help address this problem among its customers, Simms Electronics started to explore embedding security information and certificates into hardware directly attached to a device’s primary circuit board. By having the security information incorporated into the hardware, it eliminates the ability of hackers to access those codes via the internet, Simms said. Moreover, it also takes the responsibility off the consumer to set passwords and other safety protocols on their devices.
The heightened awareness of the security of connected devices could bolster business for Simms Electronics, which employs five people and generates annual sales between $1 million and $5 million, Simms said.
The firm’s executive team expects revenues to grow as Simms Electronics continues to focus on the expanding market for so-called “internet of things” devices, a segment that’s expected to eclipse smartphones by 2018, according to a mobility report published by Ericsson, a Stockholm-based global communications firm.
Reports suggest that the connected device industry is slated to skyrocket over the next decade, reaching 27 billion devices and generating $3 trillion in revenues by 2025, according to London-based Machina Research.
COST OVER SECURITY
Despite rising concerns over the security of connected devices, Simms Electronics often wrestles with clients over the need to invest in more secure components for their products.
While no company wants to be the victim of a hack, many are strapped under tight deadlines and cost pressures, which result in them choosing cheaper and less-secure components, Simms said.
“There’s so much pressure to push the products out,” he said, noting that many of his clients struggle to launch products in time for trade shows and holidays. “We have clients that the time to market is getting so tight where people aren’t spending the time or money to make sure the products are secure because they’re up against market pressure to get the product out.”
Simms Electronics often has to spend more time educating startup companies that want to produce their products with open-source, hobby-oriented components such as the popular Raspberry Pi or Arduino circuit boards.
“In the initial proof of concept phase, they fall back to some of those cheap boards and open-source hardware, then they get excited and say ‘let’s develop this,’” Simms said. “Then they get the price tag of what it’s going to take to develop it, and we get into a little battle there.”
While these boards are cheaper to mass-produce, they also open up the products to security concerns, according to Simms. Ultimately, Simms Electronics relies on “nonstop” education to inform its customers of the risks and complexities of developing software.
“For us, it’s just about educating our clients and it gets complex,” Simms said. “Some clients don’t realize how many lines of code it takes to do something.”
Made in Michigan: Grand Rapids-based Simms Electronics Inc. plans to shift more of its focus toward devices in the internet of things industry, particularly as it relates to security. The company, which designs and engineers electronic circuitry for a variety of industries, works with its customers to balance development costs with the ever-increasing need for secure devices. Simms Electronics generates between $1 million and $5 million in annual revenues and employs five workers. Company President Matt Simms also founded Grand Rapids-based Simms Energy LLC and Kentwood-based Corporate Sound Inc.