Could you be hacked through your refrigerator? Can your pacemaker be shut down through Wi-Fi? Is your television spying on you? Are you being eavesdropped on via your baby monitor?
No, this isn’t the plot of a new box office blockbuster. Welcome to the age of the Internet of Things (IoT).
Techopedia defines IoT as “a computing concept that describes a future where everyday physical objects will be connected to the Internet and be able to identify themselves to other devices.” IoT started with smartphones, tablets and wireless routers. It now encompasses smart televisions, wireless cameras, monitors and even household appliances.
While you may not have a house full of devices in constant communication with each other, recent data suggests that you at least have multiple connected devices. Cisco reports that there are more than 10 billion connected devices on the planet – more than the total population of humans on the planet. This number is expected to grow to 50 billion by the end of 2020.
IoT brings new security concerns
With any new technology comes security and privacy concerns. It’s second nature to protect your tablets and laptops, but would you think twice about securing your thermostat or your baby monitor? Hackers are always looking to exploit the weakest link in your system – and there are already countless examples of these attacks taking place.
In January, security provider Proofpoint uncovered the first IoT-based cyberattack involving smart appliances. The attack, which took place over a two-week period from December 23, 2013 to January 6, 2014, involved 750,000 malicious emails coming from household devices – including a smart refrigerator.
Email hacking is just the start. In March, the Los Angeles Times shared the story of Marc Gilbert, a father who installed Internet-connected video baby monitors that streamed to his smartphone. Gilbert was surprised to hear an unfamiliar voice using foul language over the monitors and realized his system had been hacked.
In the business world, many companies are finding that employees are connecting all types of devices to the company server – many of which the IT staff has no idea how to identify or manage. This level of vulnerability is especially problematic for organizations in possession of sensitive and protected data such as insurance providers, hospitals, law firms and pharmaceutical companies.
Security concerns have even affected those reliant on wireless medical devices, including former Vice President Dick Cheney. Due to the fear that his heart implant was vulnerable to hacking, doctors disabled the device’s wireless functionality.
Security lags far behind IoT growth
The IoT is growing at such a rate that most manufacturers and consumers haven’t caught up when it comes to securing these devices. Because firewall, anti-spam and anti-virus protection isn’t standard for the majority of IoT devices, these unprotected gadgets can be turned into outlets for the spreading of malicious spam or even the launch of a cyberattack.
Security experts are looking to manufacturers to step up and build additional encryption into their devices and to provide safeguards. Security giant Cisco, understanding the importance of these vulnerabilities, is offering up to $300,000 in prizes to individuals who can provide solutions to prevent IoT cyberattacks.
Consumers with connected devices can do their part to help protect themselves from an attack. Despite the lack of security in place for many Internet-connected devices, there a few measures you can take to help secure these devices as much as possible.
- Perform an audit: Make a list of all of the smart devices you own; include anything that is or can be connected to the Internet. Identify any documented security concerns for each device and follow any security guidelines provided by the manufacturer.
- Password protect your device: If your device comes with an option for password protection, use it. Always reset manufacturer passwords as they tend to be numerically patterned. For tips on passwords to avoid and how to create a strong one, see 50 Passwords You Should Avoid in 2014.
- Update your software: Your device may or may not contain software that can be updated. If it does, make sure you are checking for updates on the device or via your manufacturer.
- Research before purchase: If you are considering purchasing a smart device, do your research. Product reviews are likely to provide insights into whether or not a device has a security flaw.
With convenience a number one priority for consumers, these smart devices aren’t going away – despite the security concerns that surround them. Until safety becomes a priority for manufacturers, it’s important to be aware of the risks of your connected devices as the Internet of Things becomes more of a reality.
Until next time-