Is the IoT skating on slippery security grounds?
Concerns over security seem to be developing faster than the Internet of Things (IoT) and IT giants are scrambling to come up with viable security solutions.
Right from cyber hacks to phishing, there is no dearth of security-related concerns about the IoT. And with the release of the 2015 Cyberthreat Defense Report, shocking data has been revealed on how over 66% of highly-sensitive data is being stored on cloud servers. What this means is that such sensitive data can be attacked from anywhere and at any time, seeing that the data isn’t being stored at a physical location. And with the increasing number of IoT devices being used, it is critical that we understand what we need protection from, but also how we can be protected in the future.
Why is Security So Important to Make IoT succesful?
Security has always been a big deal, both physically and virtually. But you might be asking yourself what the big deal is if the IoT has security issues, the internet has had security issues galore and is vulnerable to attack even now. The problem is not what the IoT is going now, but what it will do in the future when everything from toasters to aircraft will be wirelessly connected. Imagine a wirelessly connected car gets hacked by someone who doesn’t like the driver. The hacker would have effective control over braking and acceleration of the car, and could cause a fatal accident. The security threat increases considerably because now the virtual hacker is affecting a real life situation. Some important factors to consider:
- Constantly Evolving – Technology is constantly evolving, and so are the security threats. A comprehensive review and validation of procedures, and algorithms needs to be performed on a routine basis, otherwise things can go bad in a way that they cannot be rectified.
- Always Connected – Mobile security is already a major issue in this decade because of the amount of connected devices in use. The problem with connected devices is just that, they are always connected. This also means that they are always vulnerable. The moment a device connects to an external network, it is at risk of being hacked. There will soon be billions of connected devices, each one providing hackers with a way to get into personal or company data.
Major Concerns related to IoT
It is estimated that 90% of connected devices collect at least one piece of personal information during their time connected to a network. We already use devices to store and communicate sensitive information like names, addresses, DOBs, social security and credit card information. The worst part is that most of these devices transmit this information unencrypted across networks, which means that even if your data is going to a secure location, it can be intercepted en route. Cloud services, used by all major device manufacturers, is the most vulnerable as it is always on the connected to wireless networks. You might not be worried if someone knows your email address or thermostat settings, but what about your credit card information? The IoT and device vulnerability has made privacy a big issue.
The majority of users and devices employ weak or simple passwords and authorizations because it’s too much trouble to create a unique password, or remember it. IT experts have revealed that most consumers don’t change their device passwords from the manufacturer’s default settings, which are usually common knowledge. In this way, the consumers themselves are creating a security threat. Or thin
k about those connected cars which can be unlocked and started from a distance, breaking in cars via these technologies is rapidly becoming the standard.
As mentioned earlier, a major chunk of devices transfer unencrypted data to other devices and server, making them vulnerable to interception by hackers. And given the kind of software updates that will be required to make all IoT compatible devices work together, security is a grave concern, especially considering that most devices feature old, outdated or unpatched software. This means that there is a security flaw in the very fundamentals of the IoT.
Another big concern is that the idea of connected appliances with other appliances is relatively new, and even unheard of in certain parts of the world, which means that security has never before had to be considered in product design. But all that has changed now, and everything from your alarm clock to your car is soon going to be part of one big network. So manufacturers should incorporate security in all their future IoT product designs.
Until security is made a cornerstone for product development and IoT device manufacturers take the appropriate steps to secure their devices before the issue spirals out of control, the Internet of Things will always be faced with an inherent security risk.