For years, even before the existence of WiFi, technology experts have spoken about a future where everything is connected to the internet.
From kitchen appliances to machines in factories and everything in between – in the future world, they said, everything will benefit from being connected.
Our ‘smart’ living room thermostat would set the temperature just right before we got home from work. Factory managers would receive real-time updates on the status of the production line. Our washing machine would even let us know when its current program ended.
If these scenarios don’t seem much like a future world, it’s because we’ve reached the point where that future is today’s reality.
We hear more and more about connected devices – from washing machines you can control remotely with a smartphone app to internet-connected toothbrushes, and there are numerous startups trying to tackle how to improve and broaden device connectivity.
This network of connected devices is the Internet of Things, or IoT. It’s an evolution of the internet in which everyday devices have network connectivity and can communicate with one another and (hopefully) serve us better than their offline predecessors.
This is the future of the Internet, and its security should be a major concern.
In 2010, a hacker remotely remotely disabled over 100 cars in Austin Texas by hacking into an online vehicle immobilization service.
Earlier this year, a hacker hijacked a connected baby monitor and spoke through it, thoroughly freaking out the puzzled nanny.
And hackers finding their way into connected devices can go far beyond cars and cameras.
For example, SCADA systems — computer systems used to control many types of industrial processes including food processing and even uranium enrichment — have been targeted not only by intelligence agencies but by cybercriminals as well.
All of these are great examples of the dangers stemming from an unsecure Internet of Things.
Sure, connecting devices to the internet can offer innumerable benefits and conveniences. But connecting a device onto the web immediately opens it up to potential attacks, and the more devices we connect (which is what the IoT is all about), the more vulnerable we become to attack.
The security dangers of the Internet of Things
The dangers of adopting connected devices that are improperly secured is massive.
On the personal level, as the car immobilization incident and webcam hacks have shown us, disruption of daily lives is a real thing.
This can go far beyond pranking an innocent nanny; a hacker who has hacked into a car’s systems could quickly put the driver’s life in danger by, say, stopping the vehicle in the middle of a busy highway.
There are also a number of ways connecting our homes to the internet can aid real-life crimes.
After it was revealed in 2007 that high-street retailer TJMaxx was breached, investigators discovered that the hack took place via the store’s insecure WiFi network, with the hackers sitting in the parking lot.
This goes to show that hackers aren’t always thousands of miles away sitting in some dark room; rather, they might be a very short distance from their target. Can you imagine what could happen if a hacker obtained access to your home’s connected security system or your car while you were at work?
The Internet of Things doesn’t affect us only in our personal space.
I’ve already mentioned hacked SCADA systems. More and more devices in the industrial sector are becoming connected, which opens manufacturing processes up to internet attacks, which could lead to the complete shutdown of goods.
We see the threat of the Internet of Things in the financial sector, too. Indeed, attacks against point-of-sale devices — which have been connected for some time now – continue to get hammered by malware, allowing hackers to steal the credit card information of thousands of victims.
And what about hacked hospital devices?
More devices in hospitals are already becoming connected, and gaining access to hospital networks is not an impossible feat for hackers.
Last year, Wired published a fascinating article exploring how hospital systems can easily be hacked.
If the idea of a hacked monitor or scanner doesn’t seem scary enough, how about the idea of a hacked medication dispense system or defibrillator?
At the personal level, we can see how hackers accessing connected devices doesn’t always mean the disruption or tampering of our lives.
When someone has access to the devices we use in our everyday life, they can easily find out where we are at any given moment. The hacker who hijacked the baby monitor could have used it not only to spook the nanny, but also to eavesdrop and potentially discover when no one was home. Access to a car’s systems might reveal where the driver is located at almost any given moment.
It can’t be denied; the Internet of Things has an immense potential to make systems and processes run more smoothly and be more convenient.
Connecting devices to a network can increase the value we receive from them tenfold.
But it’s crucial that we remember the reality that too many are eager to forget as they race toward a more convenient life, the reality that as we connect devices to the network, we open them and ourselves to attack.
The more devices we connect, the greater our concern over the state of their security should be.
Are you concerned about more and more devices becoming connected to the internet? Leave a comment below.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.