The Internet of Things (IoT) describes a network through which common devices can use the Internet to connect and interact. Until recently, this type of interconnection would have been limited to computers, smartphones and tablets. However, IoT has made it possible for just about any type of device to enter into a “smart mode” that would link it to other devices for the purpose of combining and exchanging data.
The ultimate goal of IoT is to improve the way we live by improving the capabilities of products we use on a daily basis. It’s hard to argue against technology that would make everyday tasks so much easier and more efficient. For example, smart-lighting could help reduce energy consumption and lower your utility bill. Unfortunately, these types of benefits also come with risks.
Hackers have become increasingly brazen in recent years, going as far as to attack critical infrastructure. The more devices we connect through IoT, the more data is up for grabs and the more opportunities there are for cybercriminals to wreak their havoc.
Researchers have hacked into several devices that are already on the market. A team with members from both Microsoft and the University of Michigan was recently able to exploit multiple vulnerabilities in Samsung’s smart home platform, known as SmartThings. The areas they attacked could have put control of the various devices connected to the system, such as smoke detectors and smart locks, into their hands. Their efforts proved that skilled hackers would be able to exploit existing vulnerabilities in cars, refrigerators and other similar products.
Public Profile Concerns
If you’ve ever agreed to a terms of service document without reading it (as we all have), you’ve given companies permission to use your data without giving much thought to what’s included. A recent FTC report found that up to 150 million discrete data points can be generated by fewer than 10,000 households. Companies are able to use this data to make important decisions, such as what car insurance rates to offer, based on data from your car that provides insight into your driving habits. Data from fitness trackers can be collected in similar fashion and used by life or health insurance companies.
Another major concern for consumers involves the ability to know what’s going on inside a person’s home. Smart meter devices can determine what you’re watching on television and pass this information on. While it’s already disturbing to realize that manufacturers might know so much about you, it’s also possible for hackers to intercept the data. Note that this type of data would probably not be encrypted.
A Cybersecurity Insights Report by AT&T found that while 85 percent of the world’s major organizations are looking into implementing IoT strategies, as few as 10 percent of them are confident in their ability to secure their own devices. Furthermore, only 12 percent of them feel confident in the ability of their business partners to secure theirs. True security would involve going beyond simply securing the devices. It would entail building security measures into the various software applications used to link these products, as well as into their connections. More intelligent network monitoring software will be required to keep and eye on devices and their servers, for when issues arise.
One study suggests that up to 70 percent of IoT-connected devices contain an average of 25 exploitable vulnerabilities. As cybercrime rises to new heights, it has become increasingly obvious that our dependence on technology has made it that much harder to secure.
To say the least, this information is discouraging for the average consumer. It suggests that these products are not as ready for the market as companies would like everyone to believe and that they are taking chances with everyone’s data by releasing them, anyhow. Furthermore, it implies that even when you do take precautions to protect your information, some factors will always be out of your control.
These are just some of the issues that must be addressed before the public will fully accept the benefits IoT has to offer. Until then, leery consumers will continue to fear invasions of their privacy by both unscrupulous companies and determined cybercriminals.