THE INTERNET OF THINGS: the next intruder in security?
If you are like me, you would have fantasized: ‘IoT would bring my reign, treat me like a Prince and put me in a world of sheer convenience’. Oh wait, does the monarchical system feel a bit too old or overstated? Ok, let’s fast forward to the ‘Democracy’, where you at least thought, the IoT will let you be like Richie Rich, “the poor little rich boy” with a ‘Dollar’matian dog, who had nearly everything automated around him.
No wonder, because with IoT, – “Everything that can be automated will be automated”- said Robert Cannon, Internet law and Policy Expert.
Internet of Things– the new buzz is certainly the next big thing you are going to witness, whether you are its fan or critic! In a nutshell, Internet of things, also called Internet of Everything (IoT) is a network into which the everyday things in our life (like phones, car, laptop, tea machine, alarms and anything with an ‘on & off’ switch to internet) are connected for machine to machine communication within themselves to accomplish tasks. After an era of connecting places and people, the Internet of Future is all geared up to connect every object/thing in our day to day life. It took a decade to deploy the first billion internet-connected sensors, a billion more sensors were deployed in the year 2013 alone, and now we are on our way to a trillion connected devices, very soon we’ll see everything connected to this network.
As it has been at every point of this development, with a lot of conveniences and possibilities come the open chances to insecurity, vulnerability, and privacy breach. And with IoT, these aren’t the regular “my remote knows my email password” type of issues, but are going to be more severe vulnerabilities. Trust me, you ain’t seen nothing if you thought Viruses, Trojans, rogue security software or phishing attacks were serious security issues, because your total security in future- whether you use or don’t use computers/internet, is under the nose tip of: THE INTERNET OF THINGS!!!
While making life convenient and comfortable, the availability, use and exchange of private data during the courses of providing various IoT services/applications will also generate severe security/ privacy issues. More and more private information will be fed into machines and when these machines go online, there stands a possibility for hackers too to access these. “We have created a whole new playground for attackers to dream up things to do — whether it is nuisance, whether it is theft or whether it is violence”, says Jeff Greene, senior policy counsel at Symantec, and co-chair of the NSTAC task force.
…There you see Richie’s fancy Mansion slowly fading and evolving into Mario’s dreaded Sky Island 18 hole challenge…
Let’s see how the IoT will challenge its adopters,
Top security challenges that IoT would encounter:
- Too many points of breach: In IoT, every device and sensors would represent a potential risk. How confident can companies be about their huge number of devices connected in IoT, their ability to preserve the confidentiality and integrity of Data? Researchers at Eurecom technology institute, France, downloaded 32000 firmware images from potential IoT device manufacturers and found 38 new vulnerabilities in more than 693 images that were extended to over 123 products. These vulnerabilities included poor encryption or loopholes to unauthorized access and affected nearly 140K devices in the Internet.
- Unlawful Surveillance: The various objects connected to the IoT via internet connecting modules in it, like toys, cars, keys or home appliances can be potential threat of illegal surveillances. For instance, Federal Trade Commission (FTC) had to file a complaint against the wireless camera production company, TRENDnet Inc. in 2013, as the videos recorded by nearly 700 of their cameras were hacked and put up with insecure internet links. This was due to the lack of proper security guidelines for the wireless cameras. Similar issues can happen in IoT where a lot of personal things used every day can compromise your privacy or security to criminals who can access even more information through your compromised/less secure things in the network. Economist reports that 60% of the surveyed business leaders think that security and privacy issues will hamper uptake of IoT by customers.
- The integrity and reliability of data collected: IoT will bring data from all sort of sensors connected in its network to corporate systems. Organizations can’t be sure whether all these data are secure, compromised or interfered with.
- All sort of personal data up there in the network and you expect privacy? With all sort of data collected from our daily lives, IoT will help us make smarter decisions and bring smarter solutions. But, what if the data collected by different devices get compromised at any point? Criminals will be able to actively intrude in private lives of people. A similar breach happened recently with a Japanese automated toilet, where Trustwave Holdings Inc’s consultant, Daniel Crowley hacked it, and was able to play music or make it flush randomly.
Nevertheless, the impact of such smart connected devices is expected to be in trillions annually, which lured the eyes of many, who argued that proper regulations and policies can very well apply brakes to such malpractices with IoT. Enterprise IT managers, policy makers, and other smart guarding brains have shielded us from challenges arising with every innovative technology, with the help of even better technology and policies to lessen such risks. If consumers, developers and providers clearly understand the security issues associated with the different modules, providing best IoT solutions with security and privacy factors kept intact wouldn’t be an unattainable goal, though it will be tricky.