Every new year is brimming with possibilities—especially this one. We are on the brink of the “Internet of Things” or “Internet of Everything,” which will connect us to each other, our homes, our vehicles, and more. Much of this innovation aims to keep us from harm’s way—for example, advanced driver assistance systems (ADASs), which many believe will put an end to fatalities suffered in car accidents. Other applications, such as those serving the connected home, should help us manage our households more easily while conserving energy. The list of benefits, from medical to entertainment, seems endless and continues to grow. In the midst of this excitement, however, many experts, skeptics, and doomsayers warn us that being more connected will expose us to severe risks.
On Jan. 7, an article in The New York Times (“CES: Security Risks From the Smart Home”) quoted Edith Ramirez, Chairwoman of the Federal Trade Commission, as saying, “Any device that is connected to the Internet is at risk of being hijacked.” The quote was taken from her prepared remarks at the 2015 Consumer Electronics Show (CES), where she added: “Moreover, the risks that unauthorized access create intensify as we adopt more and more devices linked to our physical safety, such as our cars, medical care, and homes.”
In U.S. society, there already is a high level of concern over keeping one’s personal information safe—especially financial information. Yet the steps that concerned consumers take to safeguard their information will likely be insignificant or outdated in the face of so much connectivity. And the concerns will extend beyond personal and financial information to the remote control of home and other systems. Imagine, for example, someone remotely unlocking a home or being able to see inside it. Similar risks come to mind for cars, appliances, etc. Anything that can be controlled remotely can theoretically be hacked and accessed by someone else.
These concerns bring me back to when consumers first started using IEEE 802.11b Wi-Fi networks in their homes. Those initial Wi-Fi access points had security features built-in, although they were very basic. Even more problematic, they had to be activated by the consumers themselves, who were largely unaware of this extra step. Judging from the new wave of connected devices that are already available in the market, it seems like they will follow the Wi-Fi path by building in only minimal security. Their assumption is that consumers will activate that security (for example, by replacing the standard password with a personalized one), keep it updated, and otherwise maintain it. We’ve come such a long way to this state of almost-connected everything, but we still haven’t learned to build in better security from the get-go.
Download this article in .PDF format
This file type includes high resolution graphics and schematics when applicable.