Is Your Toaster Spying on You? Security Concerns in the Internet of Things

When so many products can now be equipped with a tiny microprocessor and Wi-Fi connectivity, the possibility to pervert their use over the Internet of Things is a threat that nobody can ignore. Initially, IoT was to be a next generation, connected world in which devices talked to each other for automatic management, repair and billing of associated web services. Your toaster would receive new firmware to make toast better, your fridge would order more milk by itself, your garden sprinklers would automatically adjust water volumes to weather reports, and so on. Unfortunately, such capabilities can serve bad as well as good purposes, and enterprises are as much at risk as consumers.

Cyber security experts have already demonstrated vulnerabilities in connected car entertainment systems that allow external hacking of steering and brakes, as in the Jeep Cherokee and its unprotected port 6667. Utility companies have also detected criminal hacking activity in their software-driven electricity grids, where a malfunction can affect thousands of people or more at the same time. The principles of these exploits are not new; however, the Internet of Things now increases the potential impact by orders of magnitude.

To fight back against such abuse, the trend is currently to use big data analytics to spot IoT hacking. Market pressure from both the public and the private sector may then result in more affordable solutions to allow enterprises of all sizes to protect themselves against this risk. Implementation of the right measures in an organisation will still require the attention of top management to ensure adequate protection of the business, its employees and its customers. Those organisations that have already put good IT governance into will have a head start in putting effective security into place for their connections to the Internet of Things.