The Internet of Thing (IoT) is supposed to mean the convenient interconnectivity of our devices to the internet. But the security infrastructure for our smart devices has not yet caught up. We are becoming ever more vulnerable to the malicious intentions of black hatters.
It’s no secret security has long been a concern regarding Internet of Things (IoT) technology. Back during its early emergence, a study conducted by HP researchers found 70 percent of IoT devices were vulnerable to even simple hacks. And while developers have urged IoT device manufacturers to heed the warning, market demand has overridden these concerns. Now that we are beginning to see increased incidents of virtual theft, we must ask ourselves to what extent we will go for convenience.
One of the more recent hacks devised is ranomware, or malicious hacks that hold your computer hostage until you pay a ridiculous ransom (typically in Bitcoin) to restore control. In one instance, a Hollywood hospital dished out $17K to retrieve patient files that were hacked. And now the threat exists in the IoT realm.
In a demonstration to expose IoT vulnerabilities, UK-based IT security researchers Andrew Tierney and Ken Munro of Pen Test Partners, successfully hacked a smart thermostat with ranomware via its built-in WiFi capabilities, proving the threat is possible via persistent network instabilities. While the hack required a physical breach to successfully complete, the threat does exist and incidents have popped up elsewhere, including cases of grand theft auto.
Two hackers were arrested in Houston this month for stealing more than 30 Jeeps from a local dealership. The men unlocked and started the cars remotely through the vehicles’ onboard WiFI connectivity, then waited until the dealership closed to retrieve the cars. The hackers sold the vehicles across the border in Mexico and got caught on their last heist. The bigger concern, however, is the safety of your personal vehicle. If a hacker can get past Jeep security, he can access the car sitting in your garage, which should prompt us to ask if IoT is worth the risk.
Thankfully, a few companies have answered the call to address IoT security instability. A number of partnerships have formed in recent years to combat security issues, including the AllSeen Alliance, the Thread Group, Open Interconnect Consortium, and the Industrial Internet Consortium. The groups collaborate to support improved security and encryption methodology to protect consumers. And while these organizations are doing a great thing, new advancements in encryption can only go so far if IoT device manufacturers do not use it in the next generation of products.
Demand has out-measured secure supply, and the key to protecting user security is to wait until IoT devices are secure. While this means consumers will have to wait for total smart home connectivity, it will mean protecting millions of people from even novice hackers that want to use someone else’s credit card to fund a trip to Fiji.
Companies won’t invest the extra resources to secure IoT unless we demand they do. So let’s work together to ensure a safer technology future.
Have a story tip? Message me at:
