Hacking and the Internet of Things
The annual 2016 Consumer Electronics Show (CES) was dominated by devices and products set up to receive and send information as part of the Internet of Things (IoT).
A wide range of products were unveiled, including, networked LED systems with the capacity to send notifications to alert managers which products are getting the most attention from customers, and light switches that allow parents to put the lights on in their teenagers room to wake them in the morning, even from work.
Besides these innovations and others, there was also a certain amount of concern about some problems that may arise from IoT, which were discussed by a few panels at CES.
IoT technology is essentially objects with digital sensors attached that can communicate information in the form of data via Wi-Fi. The problems arise when people begin to consider what will be sent and how it will be sent.
There are many examples of applications for IoT—here are a few:
Imagine a nuclear power plant that is transmitting data about how the reactor is running, whether there is a build up of waste and the energy output.
Another application could be a bicycle that is communicating its location along with information relating to the workout of the rider and whether any parts are defective.
Both of these examples come with a certain amount of risk. In both cases, the objects in question are at risk from hackers, who could potentially intercept the information and use it in a criminal manner.
For the nuclear plant, information about fuel being stored could alert attackers to the ideal time to break in and steal it. Or, they could get information that would allow them to infiltrate the system and attack the cooling system with the objective of causing the reactor to melt down.
Third parties, such as insurance companies, could observe the cyclist and any information gathered could be used to set their insurance premium based on their condition.
The Internet was originally set up to make information sharing easy, and therefore does not have protection for individuals’ information built in.
At CES, many conversations were taking place about how to build protection into IoT at this early stage, so that it isn’t as easily hacked as the Internet has been.