The advent and exponential growth of Internet connected devices has the potential to change the world – but not always in benign ways.
As everyday objects from our cars to our refrigerators to our thermostats begin to act more and more like smartphones, IoT devices have the potential to automate and simplify many areas of our everyday lives. Smart homes will adjust the temperature and turn on the lights for us, smart cars will help us reach our destinations and call for help when there’s a problem, and smart appliances will make sure we never run out of milk and schedule their own maintenance.
But with new technologies, there is almost always a cost, and the Internet of Things is no exception. As the IoT expands rapidly, it seems as though we will pay for the convenience that it creates for us with increased risks to our security.
At least at first.
In the past, people had to worry about data security only as it applied to a desktop computer and maybe a laptop. We were running anti-virus software on these devices to protect ourselves against attackers, and that was pretty much all we needed to do.
Today, we have so many new devices connected to the Internet, and the number growing rapidly. The risks that accompany this trend are big.
According to an HP security survey, more than 70 percent of the most commonly used IoT devices have serious security vulnerabilities. Innovators and entrepreneurs are rushing to bring the next big thing to the market and, in their haste, they are putting security concerns second (or sometimes even last) to creating the device and cornering the market.
But as IoT devices gather more and more data about us and our lives, we as consumers should be extremely concerned about these vulnerabilities. We may not think about it very much, but these IoT devices have collected a lot of information about our private lives. The refrigerator that orders your milk must have some sort of payment method set up with the grocer. Your thermostat knows when you are likely to be at home – and also when you are not. And your smart watch or wearable fitness tracker may have private information about your health and habits that you wouldn’t want anyone but your doctor to know.
Last year, the Federal Trade Commission (FTC) released a report urging IoT manufacturers to put security first with these new technologies. The report recommends having a defensive security plan in place, rather than reacting to security threats after the fact, and recommends that companies train employees in how to secure customer data. Furthermore, the FTC argues that companies should be transparent about how they collect and use data, and offer users the choice to opt out.
Hacking Smart Devices
Of course, data theft isn’t the only threat from IoT devices.
In 2015, hackers proved that they could take control of a Jeep’s braking, steering, and transmission systems remotely while it was being operated. A similar hack took over a Tesla. Connected cars are among the most anticipated and hyped innovations that the IoT promises to deliver. But the more automated cars become, the more vulnerable they are to dangerous attacks.
Smart TVs also made news last year when it was revealed that the Samsung SmartTV can listen to your conversations, record them, and send the data to Samsung’s servers for analysis. And if the corporation can do that, a hacker also could access those features to spy on you.
Even our children aren’t immune to attacks on vulnerable IoT-connected devices. Reports of creeps hacking into baby monitors led to studies that revealed that none of the top Internet-connected baby monitors passed security tests. And that harmless-looking Hello Barbie that’s recording your child’s conversations? If Mattel can listen in, so can a clever hacker.
And this isn’t idle speculation, or concern about a potential problem that, in the real world, isn’t being exploited. Attacks on cloud-connected devices jumped 152 percent last year.
For now, the best recourse as consumers is to be educated, be cautious, and demand more security features from the companies with which you choose to do business.
Bernard Marr is a bestselling author, keynote speaker, strategic performance consultant, and analytics, KPI, and big data guru. In addition, he is a member of the Data Informed Board of Advisers. He helps companies to better manage, measure, report, and analyze performance. His leading-edge work with major companies, organizations, and governments across the globe makes him an acclaimed and award-winning keynote speaker, researcher, consultant, and teacher.
Subscribe to Data Informed for the latest information and news on big data and analytics for the enterprise.