Knowing that we are a wealth of information for smart gadgets seems intimidating. A data scientist recently experimented on a platform designed to control his smart devices such as door locks, lights, window shades and other appliances in his home. To his surprise, what his smart home knew about him was much more than expected.
What his results showed:
- Anyone with his platform login information could identify the names of his devices, network information, and social media accounts.
- The exact location of his house was easily traced by an app that monitored his grill’s propane cylinder by reporting its latitude and longitude.
- It could be figured out whether his house was empty or occupied utilizing his Nest thermostat.
- To gather the information on what was happening in his home in real time, he wrote some programs to ping the devices and they were found to transmit data securely on its way to companies’ servers leaving much exciting stuff in the cloud too.
From Spying To Hacking
In 2015, a Barbie doll was used by strangers for communication. Being WiFi enabled, it acted as a surveillance device, listened to family’s conversations, generated the tailored responses while talking to kids and sent the recordings to a US company. This assuredly demands a close inspection of smart devices for consumer protection but in the meantime, consumers must think about the risks they are buying along with IoT devices. Do you really need smart devices?
Smart Devices Lure Cybercriminals
Looks like IoT has brought cyber-physical systems with hands and feet to affect the physical world. Lack of cyber security and regulations have opened wide-open doors for advanced threats and attacks by cyberthieves. Some prominent ways of IoT hacks are:
- Botnets: The target is to infect interconnected systems with malware to seize control over the entire network to degrade it. Infected machines turn into a network of bots also called zombie networks that are remotely controlled by cybercriminals.
- Man-In-The-Middle: The target is to intercept communication between a client and company to hack the legitimate communication through smart devices and trick them into thinking that the two parties are exchanging valuable information between each other while they are not.
- Identity Theft: The target is to find individual identity details for financial fraud. You may not be even aware that you have changed your address with creditors and applied for new loans and cards in your name without your knowledge.
- Social Engineering: The target is to send phishing emails to clients or staff members posing as an accredited company representative and request either banking information or a company’s confidential data.
- Denial of Service (DoS): The target is to completely disable business from operating by overloading the services with requests for disrupting them in order to sabotage the reputation of the company.
How To Mitigate IoT Risks And Stay Protected?
- Choosing the devices wisely that are designed with enhanced security
- Implementing new ways of networking by re-imagining operational realities
- Enhancing the design with detection capabilities of machine learning to ensure failure-survival plans
- Setting up training programs to implement threat models for users to apply the best strategies for prevention
- Staying informed with the latest cyber threats
There is no doubt implementing IoT is fun. It is transforming every corner of our lives. Machines keeping track of the quality and viability of things at home and offering insights into our consumption habits is really interesting. Apart from producing energy saving and consumer convenience products and streamlining the business processes, IoT devices have left everyone in awe when they helped investigators as evidence to solve crimes successfully. A report says that there will be about 34 billion devices connected to the internet by 2022. Are the lucrative advantages of smart devices superseding the potential dangers of devastating attacks? Even after we pay for them, will they be ours? Are they making our lives easier or miserable? As long as security flaws in IoT devices stay unresolved, we have to proceed to the future safely.