econintersect.com
       
  

FREE NEWSLETTER: Econintersect sends a nightly newsletter highlighting news events of the day, and providing a summary of new articles posted on the website. Econintersect will not sell or pass your email address to others per our privacy policy. You can cancel this subscription at any time by selecting the unsubscribing link in the footer of each email.



posted on 21 March 2016

Is Someone Watching You Online? The Security Risks Of The Internet Of Things

from The Conversation

- -- this post authored by Patryk Szewczyk and Nikolai Hampton, Edith Cowan University

The range and number of "things" connected to the internet is truly astounding, including security cameras, ovens, alarm systems, baby monitors and cars. They're are all going online, so they can be remotely monitored and controlled over the internet.

Internet of Things (IoT) devices typically incorporate sensors, switches and logging capabilities that collect and transmit data across the internet.

Some devices may be used for monitoring, using the internet to provide real-time status updates. Devices like air conditioners or door locks allow you to interact and control them remotely.

Most people have a limited understanding of the security and privacy implications of IoT devices. Manufacturers who are first-to-market are rewarded for developing cheap devices and new features with little regard for security or privacy.

At the heart of all IoT devices is the embedded firmware. This is the operating system that provides the controls and functions to the device.

Our previous research on internet device firmware demonstrated that even the largest manufacturers of broadband routers frequently used insecure and vulnerable firmware components.

IoT risks are compounded by their highly connected and accessible nature. So, in addition to suffering from similar concerns as broadband routers, IoT devices need to be protected against a wider range of active and passive threats.

Active IoT threats

Poorly secured smart devices are a serious threat to the security of your network, whether that's at home or at work. Because IoT devices are often connected to your network, they are situated where they can access and monitor other network equipment.

This connectivity could allow attackers to use a compromised IoT device to bypass your network security settings and launch attacks against other network equipment as if it was "from the inside".

Many network-connected devices employ default passwords and have limited security controls, so anyone who can find an insecure device online can access it. Recently, security researchers even managed to hack a car, which relied on readily accessible (and predictable) Vehicle Identification Numbers (VINs) as its only security.

There are many security threats to the Internet of Things. Author provided

Hackers have exploited insecure default configurations for decades. Ten years ago, when internet-connected (IP) security cameras became common, attackers used Google to scan for keywords contained in the camera's management interface.

Sadly, device security hasn't improved much in ten years. There are search engines that can allow people to easily locate (and possibly exploit) a wide range of internet-connected devices.

Many IoT devices are already easily compromised.

Passive threats

In contrast to active threats, passive threats emerge from manufacturers collecting and storing private user data. Because IoT devices are merely glorified network sensors, they rely on manufacturer servers to do processing and analysis.

So end users may freely share everything from credit information to intimate personal details. Your IoT devices may end up knowing more about your personal life than you do.

Devices like the Fitbit may even collect data to be used to assess insurance claims.

With manufacturers collecting so much data, we all need to understand the long-term risks and threats. Indefinite data storage by third parties is a significant concern. The extent of the issues associated with data collection is only just coming to light.

Concentrated private user data on network servers also presents an attractive target for cyber criminals. By compromising just a single manufacturer's devices, a hacker could gain access to millions of people's details in one attack.

What can you do?

Sadly, we are at the mercy of manufacturers. History shows that their interests are not always aligned with ours. Their task is to get new and exciting equipment to market as cheaply and quickly as possible.

IoT devices often lack transparency. Most devices can be used only with the manufacturer's own software. However, little information is provided about what data is collected or how it is stored and secured.

But, if you must have the latest gadgets with new and shiny features, here's some homework to do first:

  • Ask yourself whether the benefits outweigh the privacy and security risks.

  • Find out who makes the device. Are they well known and do they provide good support?

  • Do they have an easy-to-understand privacy statement? And how do they use or protect your data?

  • Where possible, look for a device with an open platform, which doesn't lock you in to only one service. Being able to upload data to a server of your choice gives you flexibility.

  • If you've already bought an IoT device, search Google for "is [your device name] secure?" to find out what security researchers and users have already experienced.

All of us need to understand the nature of the data we are sharing. While IoT devices promise benefits, they introduce risks with respect to our privacy and security.

The ConversationPatryk Szewczyk, Lecturer, Edith Cowan University and Nikolai Hampton, Master of Cyber Security Candidate, Edith Cowan University

This article was originally published on The Conversation. Read the original article.

>>>>> Scroll down to view and make comments <<<<<<

Click here for Historical News Post Listing










Make a Comment

Econintersect wants your comments, data and opinion on the articles posted.  As the internet is a "war zone" of trolls, hackers and spammers - Econintersect must balance its defences against ease of commenting.  We have joined with Livefyre to manage our comment streams.

To comment, using Livefyre just click the "Sign In" button at the top-left corner of the comment box below. You can create a commenting account using your favorite social network such as Twitter, Facebook, Google+, LinkedIn or Open ID - or open a Livefyre account using your email address.



You can also comment using Facebook directly using he comment block below.





Econintersect Contributors


search_box

Print this page or create a PDF file of this page
Print Friendly and PDF


The growing use of ad blocking software is creating a shortfall in covering our fixed expenses. Please consider a donation to Econintersect to allow continuing output of quality and balanced financial and economic news and analysis.


Take a look at what is going on inside of Econintersect.com
Main Home
Analysis Blog
A New Era of Central Banking?
Tax Reform: The Good, the Bad, and the Really Ugly, Part Three
News Blog
Who Are The More Dependent Parties In The Brexit Scenario
Super Bowl LI Drew 4th Largest TV Crowd In History
We Taught Bees To Play Football So We Could Learn About Their Brains
The State Of Lending In The United States
What We Read Today 24 February 2017
My Cat Is My Valentine - Furball Fables
17 February 2017: ECRI's WLI Growth Index Again Moderately Declines
Final February 2017 Michigan Consumer Sentiment Inches Up. Better Than Forecast
January 2017 Headline New Home Sales Significantly Improve But Below Expectations
Why The Proposed Border Tax Adjustment Is Unlikely To Promote U.S. Exports
Rail Week Ending 18 February 2017: Improvement Continues
Infographic Of The Day: Cannabis Law: The Past, Present And Future
Early Headlines: Asia Stocks, Dollar And Oil All Slip. Gold Steady, US Oil Exports Surge, Trump Backs Priv. Prisons, WH Hints Pot Crackdown, London Home Prices Slow, Trump Policies Will Help China And More
Investing Blog
Babson's Ten Commandments Of Trading
Investing.com Weekly Wrap-Up 24 February 2017
Opinion Blog
In Defense Of Greece: An Open Letter To The IMF
As Trump Flounders On Foreign Policy, Russia Flexes Its Nuclear Muscles
Precious Metals Blog
Deflation And Gold: A Contrarian View
Live Markets
24Feb2017 Market Close: Wall Street Rose From Session Lows To Close In The Green Near The Unchanged Line, Short-Term Indicators And Analysts Questioning Continuing Bull Run
Amazon Books & More






.... and keep up with economic news using our dynamic economic newspapers with the largest international coverage on the internet
Asia / Pacific
Europe
Middle East / Africa
Americas
USA Government





























 navigate econintersect.com

Blogs

Analysis Blog
News Blog
Investing Blog
Opinion Blog
Precious Metals Blog
Markets Blog
Video of the Day
Weather

Newspapers

Asia / Pacific
Europe
Middle East / Africa
Americas
USA Government
     

RSS Feeds / Social Media

Combined Econintersect Feed
Google+
Facebook
Twitter
Digg

Free Newsletter

Marketplace - Books & More

Economic Forecast

Content Contribution

Contact

About

  Top Economics Site

Investing.com Contributor TalkMarkets Contributor Finance Blogs Free PageRank Checker Active Search Results Google+

This Web Page by Steven Hansen ---- Copyright 2010 - 2017 Econintersect LLC - all rights reserved