Following the success of our blog series on cyber security, we would like to start a brand new blog series describing the concept of the Internet of Things (IoT) security to create and spread awareness among the general public on being secure in the world of IoT. This is the first part of this series that talks about the basic concepts of IoT to help people to handle IoT in a secured way.
As per Gartner predictions, 6.4 billion connected things, with 5.5 million new things per day, will get connected by 2016. The number of people that can connect to their home appliances remotely and control them from anywhere will increase. Ten years back, connecting to a home microwave or turning on the air conditioner while travelling back home were only part of James Bond movies. Well, these days we can all be 007.
With the advent of mobile operating system technology such as Android and nanotechnology, anyone can control any kind of device remotely using the Internet. Some of the possibilities are:
- The air conditioner at home can be switched on/off, and set to a specific temperature while returning back from the office. By the time you reach home, your house will be just as cool as you like it to be.
- The washing machines can be turned on so before you reach home the water is filled for you.
- The microwave can begin the process of cooking or heating your dinner so that it’s ready to eat at the time of your arrival.
- Your fitness tracker can monitor your body blood pressure, sugar levels and body temperature; etc. Your babies can also be monitored with the same fitness devices.
- The cameras at your house will let you know the movements inside and outside your home. You can keep watch as required from the comfort of your office … although your boss may not be too pleased with that.
The possibilities and benefits are unlimited but, unfortunately, so are the risks. If you are able to access these appliances remotely, it is also possible for unauthorised parties to access them, if adequate security measures have not been implemented. We will see more about this later in the upcoming parts of this blog series.
Your car, washing machine, pacemaker, microwave, furnaces, refrigerator, household cameras, smoke detectors, light bulbs, and even your watch can play a part in IoT. All of these can be controlled remotely at your fingertips. Interesting, isn’t it?
“With great power comes great responsibility”, applies perfectly to the people who will control their IoT enabled home appliances.
If you think a little bit about how one uses technology to control and command home appliances, it becomes apparent that a single device or app can be used to control them. You only say what needs to be done to these applications and they in turn communicate with the appliances to control them. For example, if you purchase an IOT enabled washing machine, the manufacturer will provide you with an application that can be used to operate your washing machine remotely. You simply install the app on your mobile device (that has an internet connection) and using the buttons within the application, you start operating your washing machine while travelling!
Now, if somebody compromises this application it means they own the IOT appliance. Owning one or more of your home appliances could mean owning your house. Sometimes it could even mean owning you and your family! The “benefits” of controlling your home remotely!
The advertisements generally downplay the risks that are associated with this concept.
The primary benefit of IOT is the ability to manage time more efficiently, given the ability to control and monitor various household stuff remotely. Let’s take the health benefits that these devices are intended to bring. Monitoring blood level, blood pressure etc., were big tasks ten years back, so much so that they required a hospital visit. Now tests can be done everyday, and the results monitored so that you may plan your diet accordingly. Your family physician may also be able to monitor your health parameters and sound the alarm if things go wrong. Fabulous.
However, there is a major problem. If someone compromises the IOT enabled devices, then there is a serious impact on personal privacy and safety for the owner of the device and his/her family. We are going to have around 6.4 billion connected things by 2016! All the better to hack with.
The objective of this blog series is certainly not to spread panic about IoT. IoT is here to stay. However it is important to create and spread awareness on being secure in the world of IOT!
…to part2: Security risks with IoT
Images courtesy of:
1. www.3g.co.uk/g_phones/large/internet-of-things-everything-you-need-to-know.jpg
2.gkapteina.files.wordpress.com/2015/08/efergy-com-blog-iot-explosion-of-connected-things.png
Senthil Velan
Manager,Vulnerability Research
If you wish to subscribe to our blog, please add the URL provided below to your blog reader: https://labs.k7computing.com/feed/