Each year we share our predictions for the digital security world for the year ahead. One of our predictions for 2017 is that there will be an increase in home-attached devices being compromised. This is due to the rise of the Internet of Things (IoT); everyday objects, such as kettles, fridges, and televisions, that connect to networks, enabling them to send and receive data via the internet.
These devices are designed to make our lives easier to manage. We can preheat the oven using our smart phone before we leave work, or control our sprinkler system while we are away on holiday.
With the increase in ‘smart’ technology, (think smart watches, smart televisions, and smart energy meters, for example) it is estimated there will be over 34 billion connected devices in the world by 2020. Due to the possible solutions offered, businesses have been identified as a key adopter of IoT. Devices that can save energy, lower costs, and are simple to install will always be attractive to businesses, so this comes as no surprise.
However this new era of IoT presents new security challenges. These devices collect and record vast amounts of information about users. The race to secure the market means that companies producing IoT devices are overlooking how to suitably manage and secure this data. As IoT explodes its way into our lives, it is important to remember that there are currently no established security standards for these devices to help protect ourselves or our data.
The security vulnerabilities posed by IoT are far greater than a hacker accessing your smart thermostat to learn when you will be home and when you won’t (although this is also a valid concern). In the rush to get these devices to market, producers are favouring low cost solutions, overlooking the security risks posed by connecting these vulnerable devices to business and home networks.
We understand the importance of firewalls and anti-virus software to protect our desktop computers and laptops that connect to the internet, but smart devices that connect to our networks are not given as much thought when it comes to security.
These smart devices tend to have limited resources and computing power, capable of sending and receiving data, but not running software that could offer protection from evolving cyber-attacks. With so many companies attempting to crack the IoT market, the devices of companies who ultimately go out of business are unlikely to be maintained, making them an even more attractive target for hackers.
Right now, printers, games consoles, media players, watches, and televisions might all be connected in your home and offices, providing an easy stepping stone for hackers to get to your networks.
In a chilling lecture at a global security conference, leading security experts presented a hypothetical scenario demonstrating how IoT could enable them to gain access and control of a power plant via an employee’s smart oven in the employee’s home. This disastrous scenario, explained in terrifying detail, could cause catastrophic damages were it ever to be actualised.
The biggest challenge to IoT is security challenges, and it will be essential for these to be addressed before IoT can be fully trusted to transform our lives for the better. IT departments need to start including IoT devices in their security monitoring efforts and certification and testing processes, because until IoT catches up, the threat posed by these devices could have devastating consequences.
Click here to read more of our digital security predictions for 2017 as published by Global Security Mag.