BACK

THE INTERNET OF THINGS: FRIEND OR THREAT?

It sounds harmless, doesn’t it, the Internet of Things? Billed as a way to simplify our daily lives, the allure of interconnected smart devices within our homes, that respond effortlessly to our needs at the touch of an icon on our smart phones, is difficult to resist. However, these emerging digital technologies pose a real threat …

  • 19 Jan 2021
  • Ash Kerr
3 min read
THE INTERNET OF THINGS: FRIEND OR THREAT?

It sounds harmless, doesn’t it, the Internet of Things? Billed as a way to simplify our daily lives, the allure of interconnected smart devices within our homes, that respond effortlessly to our needs at the touch of an icon on our smart phones, is difficult to resist. However, these emerging digital technologies pose a real threat to cyber security and data privacy.

Interconnected world of digital gadgets

The IoT is the interconnected network of smart devices or digital gadgets that are used in households across the world. From smart refrigerators to garage doors to the now eponymous smart speakers (Alexa: looking at you!), we are constantly connecting gadgets into the IoT for the sake of convenience. The devices ‘talk’ to each other and constantly transfer data. And as Secure64 Software Corp points out, ‘nearly all of these products were built without security in mind.’ They provide an easy route for hackers to more sensitive technology, like personal computers: an easy route to all our confidential data.

Despite the convenience and efficiency of a world of interconnected and intuitive devices, it is crucial that we are mindful of the threat. As the IoT expands, protecting our sensitive data becomes increasingly difficult. Martin Bökerat at Samsung (one of the world’s largest providers of smart domestic appliances) admits that:

‘The higher the number of devices that are connected to a network, the greater the vulnerability for being hacked.’

One huge concern is that companies who sell smart devices are not great, in general, at disclosing their products’ security vulnerabilities. A 2020 IoT Security Foundation report, which looked at the vulnerabilities disclosure practice of 330 companies globally, found that by 2019 only 13.3% had a Vulnerability Disclosure policy. The report states: ‘This is of great concern as vulnerability disclosure is widely considered to be a baseline requirement due to its fundamental importance towards operational IoT security.’ Some companies attach conditions to disclosure, and, according to the report, ‘Samsung’s SmartThings operates a non-disclosure scheme.’ [My italics] This means that even the savviest owners of Samsung smart fridges will never know of their appliance’s vulnerabilities.

Remote working increases cyber vulnerability

Aamir Lakhani, cyber security researcher and practitioner with FortiGuard Labs, says, conventional network boundaries are shifting:

‘With the rise of remote work, IoT, the cloud and other multi-edge environments, the traditional network perimeter is becoming a thing of the past.’

As a result of the Covid-19 pandemic, vast numbers of usually office-based employees have shifted to remote working. In 2020, according to the ONS, almost half (46.6%) of UK workers did some work at home. The end of lockdown is finally in sight for many of us, but the employment landscape has been irrevocably altered, and it’s quite possible that some employees will remain part of remote workforces well into the foreseeable future.

The merging of personal and business environments through remote working means that smart fridges, fitness trackers and such, have become vulnerabilities for big business as well as individual users. ‘Rather than having to penetrate the sophisticated cyber defences of business, criminals can now use IoT’s weakest links: products and appliances with poor security protections or none at all,’ we are told in a Financial Times Special Report.

An even greater threat?

More disturbing still is the potential for terrorists to abuse the power of the IoT on an infrastructural scale. A group of Princeton researchers‘ demonstrate[d] that an Internet of Things (IoT) botnet of high wattage devices–such as air conditioners and heaters–gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid.’ Hackers who target smart devices, with the aim of interrupting the power supply to millions of homes and businesses, could leave whole countries devastated. Fortunately, this remains theoretical for now.

Protect your Internet of Things with multi-factor authentication and up-to-date antivirus software

We should all think very carefully about whether or not a domestic appliance or digital gadget needs to be connected to the IoT. Just because we can doesn’t mean we should. It is crucial that consumers are equipped with the knowledge to make an informed choice.

In a busy world, though, where convenience and efficiency are at the top of everyone’s wish list in terms of the appliances they choose, connectivity to the IoT is an easy sell. It is crucial that consumers become cognisant of the threat to their privacy and the way in which some companies suppress information about the vulnerabilities of their products.

In the meantime, what can savvy consumers do? Secure64 recommends using the DNS (Domain Name System) – an IP address necessary to locate a connected device – to prevent devices from joining bot herds. A bot is a type of malware, infected by malicious code; a bot herd is a network of these infected devices, controlled by a single attacker. For the non-technical users out there: change passwords regularly, use password managers to keep on top of them, employ multi-factor authentication where available, and keep your antivirus up to date. And avoid connecting smart gadgets to the IoT needlessly.

Contact our team of experts to ensure your remote employees are protecting your business.

Blog Details
  • 19 Jan 2021
  • Ash Kerr

Newest Articles.

View all
  • 10 Feb 21

    Why the Top UK Organisations Are Using a 24/7/365 Cyber Security Service to Protect Their Digital Infrastructure? 

    Read Article logo
  • 25 Jan 21

    Ten Benefits of ISO-27001 & Why You Should Act Now

    Read Article logo
  • 21 Jan 21

    Why Is ISO-27001 So Important And Why Should You Act Now?

    Read Article logo
  • 19 Jan 21

    THE INTERNET OF THINGS: FRIEND OR THREAT?

    Read Article logo

Get a Quote

Click below and we’ll send you a quote as soon as possible.

quote-form-pattern
  • This field is for validation purposes and should be left unchanged.

Contact Us

Click below and we’ll send you a quote as soon as possible.

quote-form-pattern
  • This field is for validation purposes and should be left unchanged.

Step 1 of 4 - Let’s get started

  • Thanks for your interest in working with us. Please complete the details below and we’ll get back to you as soon as possible.
Close ×
price-popup-pattern
Close ×
price-popup-pattern
Close ×

Step 1 of 3

  • Cyber Essentials Basic Pass Guarantee - £950

    Your Details

price-popup-pattern
Close ×

Step 1 of 3

  • Cyber Essentials Basic Pay Monthly - £79 pcm

    Your Details

price-popup-pattern
Close ×

Step 1 of 2

  • Cyber Essentials Plus - Get a Quote

    Your Details

price-popup-pattern
Close ×

Get In Touch

  • This field is for validation purposes and should be left unchanged.
price-popup-pattern
Close ×

Get A Quote

  • This field is for validation purposes and should be left unchanged.
price-popup-pattern
Close ×
price-popup-pattern

Buy Cyber Essentials

price-popup-pattern