The IoT: Approach With Caution

The IoT is exciting, but some companies are rushing in without thought


By 2020 there will be 25 billion devices connected to the Internet of Things (IoT). A number of multinationals - including Google, IBM, Apple and Samsung - have been snapping up startups as they look to make sure that they're in the best position to take advantage of the IoT. A good example being Intel's purchase of Lantiq, a fabless semiconductor company, bought to promote Intel's smart gateways.

While companies are making the IoT a priority, security flaws are commonplace. In London, iKettle, a company which allows users to boil their kettle from a phone, was described as 'trivially easy' to hack, with Darren Pauli reporting that within two commands 'it discloses your wireless key in plain text.' Unfortunately, iKettle isn't the only perpetrator. A report by HP found that across 10 IoT devices there were 250 security flaws. Not only that, 90% collected sensitive personal information and 60% had insecure user interfaces.

This is worrying news. IoT manufacturers clearly have a lot of work to do between now and 2020, with the HP report recommending they make security reviews a priority. Yet it's not a lack of expertise or technology standing between the IoT and heightened security, but the bullish approach companies are taking to the IoT. Daniel Riedel, CEO, New Context states: 'in the rush to throw themselves over the bleeding edge of technology, many companies haven’t taken the necessary steps to ensure those devices are secure.' He refers to the IoT as the tech industry's 'drunken bender' - like driving to a party in the middle of nowhere and not having a designated driver.

Many assume that there's nothing to worry about because the devices either currently available or soon to be released aren't associated with sensitive data. Who cares if someone knows how many times I boil my kettle each day? But as with the iKettle example, these devices act as a gateway for hackers. Samsung's smart refrigerator range is a case in point. Known as a MiTM (man-in-the-middle) vulnerability, security researches found that while the refrigerator uses SSL, it fails to validate SSL certificates, making it an easy target for hackers. This would leave the user's gmail login credentials open, and therefore up for grabs.

Samsung's issues pale into insignificance when you consider the problems Chrysler has experienced. Research showed that it was possible for hackers to send commands through the vehicle's entertainment system, enabling them to effectively drive the car.

When coupled together, it's clear that security is still holding the IoT back. And while the impacts have been limited so far, the industry's projected increase will catapult the issue to front and center. With almost every major tech company looking to partner with startups, however, it seems that they are fully aware of the challenge ahead.

University lecture small

Read next:

How Are Higher Education Institutions Using Analytics?