Last updated: 10 February 2016
As you’ll know from reading our blog, the IoT has entered the mainstream and is revolutionizing practically every aspect of our lives – the way children engage with their toys, driving a car, even opening your fridge door! Who’d have thought that everyday household items like your television, your phone and your living room lights might one day be capable of transmitting data? This post draws from some examples highlighted in a new IoT Security eBook we’ve published this week.
There’s no doubt that the increased amount of data crossing the Internet of Things has huge potential, and it opens up all sorts of possibilities for making our lives better and more convenient than ever. However, we were particularly struck by the news that a new connected fridge, a device which updates you when you’re short of a particular food item, helped transmit 75,000 spam emails! We’re not talking about canned, processed meat here – we mean those annoying junk messages sent to your email account containing pointless adverts and sometimes harmful links! That’s just one example of a potential risk emerging from the modern IoT-powered smart home.
More dangerous still is the possibility of cyber-attacks. A hacker only needs 15 seconds to seize control of a smart thermostat. Already there have been cases of connected toys being targeted by cyber-criminals, jeopardizing the personal information of parents and children. Imagine what might happen if a cyber-attacker was to hack into the connected car of the future – chaos would ensue. This isn’t the stuff of a science-fiction movie; it’s a genuine possibility as cars become increasingly connected, and indeed we’ve already written about some early exploits here on this blog.
Ubiquitous data inevitably pushes security and privacy to the top of the digital agenda. We’re not surprised, then, that the GSMA, the global association of mobile network operators, has put forward an IoT security framework, which it expects members to abide by. And it’s not just the GSMA who are concerned.
At Gemalto we’re passionate about the potential of the IoT – but we appreciate that if the sector is to continue to grow, we have to address widespread concern over security and privacy. That’s why we’ve our new eBook on IoT security sets out our three pillared approach. Effective security solutions need to; secure the cloud, secure the device and secure the lifecycle, or in other words, ensure data is protected on every step of its journey. Planning is crucial – risks need to be properly evaluated and then strong authentication, encryption and tokenization techniques should be employed.
What do you think the challenges are for IoT security? Can we overcome the security and privacy obstacles and create a truly connected world? Let us know by tweeting @Gemalto or by posting a comment below.