As IoT Grows, Smart Objects Become More Vulnerable To Hacking

Image courtesy of  Pierre Metivier via Flickr and Open Clip Art, modified by Curiousmatic. 

The Internet of Things: Connected objects large and small, living safely and harmoniously through wifi, controlled remotely and with ease.

Or that’s the dream, anyway. The Internet of Things (IoT) has huge potential for the seamless operation of smart objects, from your fridge to your electrical grid, but it also has a huge flaw: security risks.

As hackers and cyber-criminals become more sophisticated in their methodology, IoT products need to be able to better combat exploitation or face serious consequences.

Here are the security concerns facing the Internet of Things, and how they might be overcome.

1. According to an HP report, 70 percent of the most commonly used IoT devices contain vulnerabilities.

[contextly_auto_sidebar id=”SmH5yNIHy4g10MFOzGuHiWsZ9txI34R0″]Any device that can connect to the Internet uses an embedded operating system; at present, many are not designed with security as their primary consideration, making them vulnerable to hacking.

A report by HP identifies a striking amount of weakness among commonly used IoT devices. It found that 80 percent had insufficient password protection, 70 percent used unencrypted network services, and 60 percent had exploitable user interfaces.

2. The consequences of such vulnerabilities are huge.

Though it may not seem like your personal toaster could do more than burn your bread, the implications of IoT expand far beyond the realm of sandwich making.

With IoT devices extending at an accelerated rate toward vehicles, healthcare, businesses, and city infrastructure, the potential consequences are huge. Vulnerabilities could lead to the theft of masses of sensitive data, city-wide blackouts, or even manipulation of, say, a thermostat at a nuclear plant or a heart pace monitor.

3. Protection is complicated, clumsy, and costly

Many businesses adopting IoT solutions operate using cost-benefit models. Adequate security requires a sustained commitment of money and resources, and not everyone is willing to invest in these things if they believe risks are few.

It’s also complicated. Embedded systems today are deployed with little to no human intervention, which means in the case of exploitation, it wouldn’t be readily apparent if a device were compromised. But if IT were able to detect hacking, it could create another exploitable entrance for infiltration.

4. Growth is outpacing security solutions

The forecasted growth of the Internet of Things is huge. Cisco estimates that by 2020, there will be as many as 50 billion connected devices. Already, there are 25 billion and growing.

But with growth comes serious concerns, because the security is too far behind deployment. According to a report by the FTC, over 70 percent of executives deploying IoT solutions believed that the proper security wouldn’t catch up for a year or two.

This could spell disaster, since nearly two thirds of businesses will have weakly secured IoT capabilities, vulnerable to hacking.

The solutions

For businesses, government, and enterprises, it has become increasingly clear that before vulnerable IoT devices become unmanageable, more time and effort should be put into ensuring the security for all smart objects and systems.

Then, going forward, security should be prioritized before deployment instead of in hindsight.

The FTC recommends that along with baking security into objects ahead of their release, employees utilizing IoT should be thoroughly trained about the importance of security management. They also urge that companies have deep, defensive strategies in place to combat security breaches instead of patching up vulnerabilities on the fly.

For you, personally? Forbes has a number of recommendations for individuals that want to ensure their devices are safe. These include:

  • Not storing personal data (aka, your full name) on IoT devices, such as wearables.
  • Making  sure to choose unique, complex, and varied passwords.
  • Turning off wifi and Bluetooth when not needed.
  • Closely examining the privacy policy and permissions within new applications; be aware of what data is being collected, and how it’s used.
  • Exercising  caution when using social sharing features, as they may give away your location.
  • Securing your smartphone, above all, because as your personal data hub this is the most likely target for hackers
We measure success by the understanding we deliver. If you could express it as a percentage, how much fresh understanding did we provide?
Jennifer Markert