According to a Gartner report, about 25 billion devices/objects will be connected to the Internet by the year 2020. While this may sound exciting as a technology, but it brings with it immense security risks too.
If your refrigerator, lamp, oven, television, car, or any other physical object is connected to the Internet and is able to exchange data with other connected objects, then you are basically making use of a network called the Internet of Things. The ‘things’ in this term refers to everyday physical objects ranging from home appliances to entire factories, that are assigned a unique IP address and are interconnected to other such objects without any human interaction. According to a Gartner report, about 25 billion devices/objects will be connected to the Internet by the year 2020.
The entire canvas of the Internet of Things (IoT) may look peachy, but deep down, it could be a cauldron of security risks. While the end results behind creating this marvel of a wonder is automation, efficiency, safety, and convenience, the other side of the coin could be dark, bearing an entirely different story; unpleasant and horrific. This brief write-up is an attempt to throw some light; pessimistic yet pragmatic, into the many potential security predictions/risks connected with the Internet of Things.
Security Predictions for Some Popular IoT Devices
Smartphone Garage Door Openers
Preface:
These devices enable home owners to operate their garage doors remotely (open and close) with the help of Internet connectivity. The user may operate the device using a smartphone app or a web portal on their computer or laptop.
Potential Security Risks:
An attacker who is able to hack into the user’s device (smartphone or laptop/desktop) can perform the following operations:
- Observe the current state of the garage door; open, closed or in motion.
- Control the function of the door, commanding it to open or close at will.
- Manipulate the device to send notifications on email or mobile whenever the garage door is operated.
Impact
Exploiting the above risks can give hackers an opportunity to rob the house or even worse, mess with other Internet-enabled devices in it.
Smart TVs
Preface:
Originally known as ‘Connected TVs’, these devices can connect to the Internet and offer multiple Internet-based services to users such as online media streaming, online radio, and web browsing to name a few.
Potential Security Risks:
The greatest and most concerning risk about a compromised Smart TV is getting spied by hackers and being completely aloof of it. Such a device, when compromised, can allow hackers to:
Install spyware (a malicious program that steals user information without their knowledge) in the television itself.
Take control of the television’s microphone and web cam to eavesdrop on the inhabitants of the house.
Steal login credentials and personal information from users who log in to online shopping or banking portals on the television.
Impact
- Infiltration of privacy.
- Phishing attacks on banking and personal information.
Smart Thermostat
Preface:
Thermostats are devices that help users control/adjust the temperature in their homes. Unlike regular thermostats, the smart ones learn from user behavior and can automatically decide the specific type of temperature required at a specific time of the day. Smart thermostats can connect to the Internet and so can be controlled remotely using a smartphone, tablet or a desktop/laptop.
Potential Security Risks:
If an attacker has access to a compromised smart thermostat, then they can perform the following operations:
- Trick other Wi-Fi devices to connect with the thermostat and siphon data from those devices.
- Piggyback on the hacked thermostat and exploit software vulnerabilities in connected devices like computer, baby monitors, garage openers, etc.
- Access user data including postal code, Wi-Fi login credentials, and information such as when the user is at home and when not.
Impact
- Data theft
- Burglary
- Compromise of other connected devices
Smart Refrigerator
Preface:
Also called Internet Refrigerator, a Smart Refrigerator can sense what types of products are stored in it, and maintain a log of the quantity so that it can be replenished whenever required.
Potential Security Risks:
When compromised by an attacker, a smart fridge can become responsible for the following security risks to the user:
- The fridge can be used as a bot (hacked machine) to launch DoS (Denial of Service) attacks against targeted networks.
- The fridge can be used to send spam and phishing emails to unsuspecting users with an intent to steal user information and passwords.
- It can also be used to send out infected emails to user machines which can then be compromised and added to the hacker’s botnet (a group of infected machines).
Impact:
Large-scale cyberattacks against other victims which may also include organizations.
Connected Car
Preface
A car that can be connected to the Internet is known as a Connected Car. Some may classify it as a Smart Car. Such cars are usually connected via a wireless local network; a number of functions in the car can be accessed by the user via a smartphone or a laptop connected to the same network.
Potential Security Risks:
A hacker who has established their connection with a car with the help of an infected app in the user smartphone or a laptop itself, can:
- Turn off the car and render it motionless right in the middle of a highway or any random location.
- Take control of the steering, braking and transmission system, virtually controlling the car in any way they please.
- Mess with the wipers and the wiper fluid to blur the windshield.
- Track the car’s GPS coordinates and trace its route without the driver knowing about it.
Impact:
- Car hijacking
- Threat to the driver’s life and that of other commuters
- Accidents
To sum up this discussion, the quotient of convenience in our world stays directly proportional to security threats. The more convenient technology is, the more people it attracts, increasing the risk of human errors and vulnerabilities and thus expanding the job profile of hackers. It won’t be unfair to say that where the most popular technology goes, cybercriminals follow. And Internet of Things, could be, by far the most happening thing since the Internet.