IoT: Internet of (Unsafe) Things

Internet of Things is under threat from its ancestor – the world wide web (www or web as we know it). The market of IoT devices is flourishing on the banks along a river with riptides. These devices, however smart enough to capture useful data, leave a trail of vulnerability behind. This is because of an inadequate emphasis on the security of devices connected to IoT.

Remote Controlled Smart Home

In October 2016, Dyn, the service provider of tech cyclops such as Netflix, Facebook, Twitter and the Guardian, took a major blow down because of a poignant denial-of-service (DoS) attack. This ceased services offered by these websites over a major part of the US and Europe. Denting our notion of security, this incident acted as a wake-up call for a reformed approach towards the preservation of data.

https://www.isaca.org/Pages/2015-risk-reward-barometer.aspx?cid=pr_1110352&appeal=pr" align="aligncenter" width="800"> ISACA 2015 IT Risk/Reward Barometer

Smart devices are entering our personal network, joining our tiny Internet of Things. This is merely an addition of more computers on the network. More insecure computers – which are increasingly easy to attack. Imagine buying a Microwave Oven that reads instructions off your mobile phone and thinking about its safety. It just doesn’t happen. We don’t look at the aspect of safety of “smart” devices because we weren’t initially trained to do so with our appliances.

Besides our technological unconsciousness, the world lacks standard guidelines on the security of IoT devices. This is largely due to the diversity in types of gadgets that create a smart ecosystem of devices, which can be controlled via our phones. It is the shimmer of convenience that has been able to let buyers overlook security. Even if you, as a consumer, wish to gauge security standing of these smart devices, there is a lack of fortifying measures or ratings.

Bruce Schneier, a well-known security intellectual and Harvard lecturer among other experts attest against catastrophic effect of these “smart” devices. As these are not equipped adequately to fend off targeting malware, he asserts that usage, for instance, inside hospital could turn a simple cyberattack into a fatal accident. It is, thus, best on the part of the government(s) to lay guidelines that ensure the safety of smart devices.

On the other hand, members of the U.S. Chamber of Commerce reserve the opinion that this framework may curb innovation. The Federal Trade Commission of the USA has taken an optimistic route by incentivizing the public to take charge of their devices’ security. The best innovation of IoT Home Inspector Challenge gets rewarded with $25,000 while three notable mentions will earn $3,000 each for developing tools to address vulnerability issues in IoT devices and networks.

Professor Kevin Fu of the University of Michigan testifies for “survivability and destructibility” test for IoT devices, just like car crash tests. These will help us assess how to recover from such attacks. Smart devices are easily exposed to attacks and it is imperative to build security into design. While we cannot smother innovation in the name of fear, users reserve the right to safeguard their privacy. Each IoT device is similar to a window, which can be useful for delightful sunlight but it needs a security mechanism against night burglars. With each window, you need better locks and higher control.