At the 2014 Consumer Electronics show, the Internet of Things and smart devices stole the spotlight. Tech heavyweights Samsung and LG unveiled their “Smart Home” devices, which consisted of household appliances that were able to communicate with the homeowner and each other. These M2M devices (machine to machine) are each assigned an IP address, allowing them to connect to the Internet and transfer data (or, in other words, talk to each other) over a network without the need for human interaction.
This technology provides businesses and consumers with an array of benefits, without a doubt. Consumers are able to save on time and money – now that they can switch their appliances to an energy saving mode remotely or text their fridge to find out if they need to buy milk at the store before arriving home. Businesses are able to collect endless amounts of information from their customers and their devices – such as maintenance requirements or customer food preferences. However, with both parties looking to utilize IoT as soon as possible, security measures have been overlooked.
Between December 23 and January 6th, several Internet-connected “smart” devices – including refrigerators – sent upwards of 750,000 malicious emails. This is believed to be the first cyber attack involving IoT, and likely won’t be the last. Many IoT devices are poorly protected and consumers aren’t able to detect or fix security breaches when they do occur. As more of these smart appliances “come online”, attackers are finding ways to exploit them for their own needs.
Additionally, following an M2M conference in Toronto, ON, the Director of Policy for Ontario’s privacy commissioner pointed out that these devices also hold a lot of data that will be personally identifiable. Organizations are being urged to think about the privacy of customer data before employing M2M and IoT devices. Recently, customer data was leaked by LG’s smart TV as it was collecting and transmitting personal information to the manufacturer because there was no encryption. In an even more bizarre circumstance, the signal transmitted from a wireless camera used to monitor the interior of a Canadian methadone clinic was being picked up by a back-up camera inside of a vehicle outside of the building.
It’s imperative for organizations and consumers to comprehend the security and privacy risks associated with M2M and IoT enabled devices. Consumers will need to ensure that they keep their software up-to-date, change all default passwords to something more secure, and place their IoT device behind a router. Meanwhile, organizations who manufacture these devices must incorporate any available security measures available to ensure their customer’s information and network stayed protected. The benefits of IoT devices far outweighs the concerns, but those concerns still need to be addressed before IoT can really take off.
To learn more about the Internet of Things, check out our previous blog post by clicking here.
Blog Author: Vanessa Hartung