The IoT revolution is happening, whether we like it or not. And the reason is simple: Cost versus benefits. It’s becoming very cheap to add internet connectivity to appliances and things. When connectivity is cheap, the benefits don’t have to be very large for vendors to adopt it.
In many cases, devices won’t go online to benefit the consumer but to benefit the manufacturer. For example, home appliances can collect analytics about how and when they are used, or about customers’ locations. Information like this is extremely valuable to vendors. This means that even the most mundane of machines, like toasters, will eventually go online – to collect data. Because data is the new oil.
In addition to the benefits for the manufacturer, IoT also offers extensive consumer benefits. Imagine the convenience of being able to fire up your coffee maker while you’re in bed or switch on your washing machine while you’re at work. Smart homes also offer improved safety – think of a security system that alerts you when it detects something suspicious. Energy efficiency is another benefit, one that translates to cost savings – take the example of a thermostat that optimizes performance based on your behaviors.
Nonetheless, cyber security is too often missing from the design of these appliances as it doesn’t hold a place as a selling point for something like a washing machine. This also means that appliance vendors can’t invest too much into security, which often leads to insecure appliances.
In October 2016, we saw the largest attack against the internet infrastructure in history. This attack brought down large portions of the internet in several countries. It was launched from a network of hacked systems known as the Mirai botnet. There were more than 100,000 hacked systems in the attack network, and none of them were computers – they were all IoT devices. In other words, they were all appliances from our homes.
The existence of the Mirai botnet was possible because of the use of default login credentials on those devices. Hackers wrote a malicious piece of software that tried out manufacturers’ known default username and password combinations against devices found on the internet. As we know, too many devices were using default credentials. The consequences were far-reaching.
This is just one of the IoT security concerns that needs more attention. Other problematic issues are infrequent or nonexistent software updates, indiscriminate data collection, and lack of proper data encryption, to name a few.
The internet wasn’t built for security but it’s not too late to find revolutionary ways to secure it. The most important thing is that we act immediately before the problems caused by neglecting the security become too difficult to handle.
The IoT revolution is happening, whether we like it or not.
About the author
World-wide Computer Security and Privacy authority. Leading Expert on Cyber Security. Code Warrior. Virus Slayer. Mikko Hyppönen, Chief Research Officer of F-Secure, can truly be considered one of the greatest warriors of the digital age, as he has been working hands-on with computer security for over 25 years both finding and fighting viruses and malware on several continents. This visionary influencer is a wanted keynote speaker. He ranked 61st in Foreign Policy’s Top 100 Global Thinkers report and has been a member of Computer Antivirus Research Organisation since 1995.