Skip to main content

Internet of Threats!

The Internet of Things (IoT) is continuing to gain traction with an ever-increasing number of connected devices coming to market. But as tech-savvy consumers begin investing in their first devices for a connected home, what is to stop them becoming a cyber attacker's next target?

While still uncommon, we know that cyber attackers are going after connected consumer devices, demonstrated on a massive scale by the group of Russian hackers who published thousands of live-streaming webcam footage from over 250 countries.

Unless the manufacturers of connected devices take a holistic approach to bolstering their cyber security efforts, these types of attacks will increase in number.

To gain a greater understanding of the cyber security risks that consumers could be exposing themselves to, research was conducted into the cyber security posture of six ‘always-on’ consumer IoT devices. The results were unsettling.

Veracode carried out a set of uniform tests across all the devices and found that all but one exhibited application-related vulnerabilities across web, mobile and cloud services.

Exploiting these vulnerabilities could enable cyber attackers to do a wide variety of things, from running spyware to monitoring all information monitored and even complete control of the device itself. It’s clear these devices were not designed with cyber security in mind.

Where designers are not prioritizing cyber security or privacy, they are putting consumers at risk of a cyber attack or physical intrusion. For example, the information leveraged from anUbi – a WiFi connected, voice-operated computer that allows for hands-free voice interaction in your home – could be used by a criminal to determine exactly when the user is likely to be home, potentially facilitating a robbery or even stalking. 

Alternatively, cyber security vulnerabilities within a Wink Relay device – which  controls lights, heating and even door locks – could allow a criminal to turn on the microphones and listen to any conversations within ear shot of the device, supporting blackmail efforts or capturing corporate intelligence from anyone working in a home office.

Security not a priority to manufacturers

It is not surprising that cyber security hasn’t been prioritised in the production of these devices when considering their lifespan. According to a recent CE Product Lifecycle Study, consumers expect to replace their electronics every five years.

This means that for many manufacturers, the focus is largely on developing the next ‘killer feature’ that makes a consumer’s life easier to stay competitive and acquire a healthy stream of new customers.

Since the average consumer thinks cyber security is an internet issue, cyber security just isn’t a high priority for home automation device manufacturers.

Like any emerging technology, the perceived risk relates to the volume of devices on the market. While there are far greater cyber security risks towards more lucrative targets, such as mobile banking, e-commerce and healthcare self-service applications, there is certainly a growing risk posed by IoT devices.

We may see specific attacks on high-profile targets, such as celebrities and politicians whose information is already of value due to their status. For example, last year the iCloud accounts of celebrities, including Jessica Lawrence and Kim Kardashian, were specifically targeted to leak intimate information and pictures.

What does all this mean for consumers who have bought or are looking to buy connected devices? Buyers need to be aware that these devices come with cyber security risk and should take this into account when choosing what to purchase. Look at the track record of the company who manufactures the product.

Tomorrow’s threat

While cyber security is on every consumer’s mind today, most don’t view home automation technology as a serious threat. After all, why would anyone care what temperature you like the living room set to or if you dim your bedroom lights after dinner?

Everyone must start thinking like a cyber attacker and understand that all information has value to someone. For example, ransomware or cryptolocker-style attacks on PCs are already a common nuisance – locking files or access to your PC altogether until you pay a ransom to regain access.

What’s the impact of such an attack on a home automation device that leads to, “I won’t turn your central heating back on until you wire me £1,000?

While consumers need to be vigilant about the risk of technology in their home, manufacturers need to do a better job of securing their IoT products.

These manufacturers have a responsibility to take steps to minimise the risk of losing users’ sensitive data and to mitigate any risk to the consumers’ physical safety.

While consumers might not be feeling the full effects of these IoT risks now, they should join the cyber security industry in putting pressure on manufacturers to do their upmost to ensure that these cases never arise

Comments

Popular posts from this blog

How to Unlock (and Play) Hidden Chess Game Inside Facebook Messenger

What can you do with Facebook Messenger? Chat with your friends Send GIFs, stickers, and photos Make video calls Send people money in Messenger Have you ever wondered to Play a game while you chat with friends? Yes, it is possible. Facebook had made it to the reality by building a hidden built-in functionality in Facebook Messenger that lets you play Chess with your friends without having to install a third-party app. It just takes one simple step to unlock this hidden game. All you need to do is: type " @fbchess play " and hit Enter, during a conversation, and a small square box would appear in the chat box. Here's how to play: The person who initiated the game would be assigned "White" side, to make the first movement. Although there is some standard algebraic notation like:- B for “Bishop” R for “Rook” Q for “Queen” K for “King” N for “Knight” P for “Pawn” Pawns could b...

IoT’s Biggest Challenges : Privacy and Security

E verything today from your mobile to refrigerators to cars are interconnected, which made our life easier. This device collectively called IoT. But they have also created new vulnerabilities for hackers. IoT devices are poised to pervasive in our lives than mobile phones and they have access to sensitive personal data may be your credit card number, banking information and many more. As number of IoT devices constantly increase, security risk also increases. Device manufacture’s doesn't care much regarding device security and consumer have to suffer may he can be hacked and there may be severe consequences. A single security concerns on single device can cause multiple concerns when considering multiple IoT devices interconnected together. IoT devices use some form of cloud service and a mobile application use to access and control device remotely. So it’s very important to understand security risk. Current Scenario : Security Risks Privacy Concerns Many devices co...