Categories

The Internet of Threats: The Hazards of Connectivity

01 Dec 2015
CM_IOT_FeaturedImage-2

There’s no denying the beauty of the Internet of Things. We can monitor the temperature of our home from our office, awake to an automatic notification of the traffic we can expect on our way to work, take out our frustration on a virtual entity (sorry, Alexawe didn’t mean it, swear) and even increase our odds of surviving the holidays.

To clarify, according to M.J. Covington in Threat Implications of the Internet of Things, objects become associated with the Internet of Things when they gain the “…ability to directly interface with the Internet or become physical representations of data accessible via Internet systems.” At its core, this connectivity is a pretty awesome concept, which is a good thing, because as technology advances, our devicesand worldsare set to become increasingly intertwined. But while this might be convenient and, in most cases, make our lives easier, there’s also definite risk involved in sharing data so liberally and making it so easily accessible. After all, while most of us intend to use the IoT for good (or at least our own good), someone with know-how and malicious intent could just as easily use it for…well, evil. (*Cue the dun dun dun.) That being said, as connectivity becomes more prevalent in every aspect of our lives, it’s necessary to call into question the security of these platforms and devices and, in some cases, call for improvement or a total system rehaul.

Of course, there are obviously more dangers presented in certain areas than others. While our Netflix queue may be a little embarrassing, we’re not in immediate danger every time we use Chromecast to stream the latest Nicholas Sparks movie to our TV. (What? The Notebook is a GOOD MOVIE, okay?!) But take, for example, the automotive space. While we all appreciate a car equipped with navigation, bluetooth and the ability to point us in the direction of the nearest sandwich shop, increasing connectivity presents a plethora of vulnerabilities. And this isn’t an imagined threat, but a proven risk. For a real-life, example, look no further than Wired’s jeep hack experiment, for which hackers digitally hijacked the vehicle of the writer while he was driving it. Because of the car’s connectivitywhich is now more of an expected feature than anything extraordinarythe driver had control wrestled away from him from a few guys with laptops who were sitting miles away.

Now, the premise of driving and having control yanked away at a pivotal time is terrifying enough on an individual level, but it could be even more dangerous on a larger scale, with criminals or terrorists potentially hacking, say, the vehicles of police officers or the military. With the right technology, if security was breached, law enforcement could effectively be put out of commission.  In the case of the Jeep hack, Chrysler remedied the situation the best they could by recalling 1.4 million vehicles to fix a “bug,” but that doesn’t take away from the bigger problem: that by being connected to the Internet, you’re exposed to virtual attacks that result in real-life consequences.

And this hacking risk is one that could be applied across the board. Your connected home security system could be hacked, allowing criminals to get into your home and even lock you out. Even your kids’ electronics and toys could be hacked (a definite possibility, it’s been proven), releasing their information, photos and conversations, which is creepy in more ways than one.

Or take your Electronic Health Record (EHR). While the ability to store and share your health information makes life much easier (and, in some cases, could even save your life), HIPAA alone isn’t enough to guarantee your information is kept safe when it’s floating around. When you think about it, even a seemingly innocuous app like Uber holds extremely valuable information (your credit card information and address, for example) that most people frequently fork over freely without reading the fine print and thinking about how secure all of that information really is.

This liberal relinquishing of data is a practice—a habit at this point—that we need to reconsider. At the very least, we need to think twice before casually typing valuable information in any and every field, on any and every platform. After all, as Sven Schrecker, chief architect of IoT security solutions at Intel, told the International Business Times, “The currency of IoT is data, and protecting the data is key.”

So what do we do about it? Rather than shaking our fists at the sky, cursing “Big Brother” and abandoning connectivity for life in a metaphorical (or, hey, maybe even actual) cave, what we need to do is look at methods of prevention. As more and more companies jump into the IoT sphere, it’s critical to stop and guarantee that precautions are made and that security is guaranteed from the very beginning.

The International Business TImes details this:

The Internet of Things presents an opportunity for technology developers to build in security from inception…The way to protect IoT devices effectively,  Schrecker said, is to protect a device, protect the communications sent between each device, and then monitor what happens on each device. By tracking what kind of activity occurs on an IoT device, businesses can find potential flaws in their own products.

And finally, along with taking the necessary preventative measures, what we really need to make the IoT more secure is collaboration. Regulations currently differ by country and even by region, making it hard to regulate data transfer. So while precautions are important on a small scale, when it comes down to it, protecting the IoTand, by proxy, your information…and safetyis going to be a team effort.

Thankfully, all this connectivity should make it easy to work together.