Hacking the Internet of Things: What Does Your Toaster Know About You … and Who Does It Tell?

You may have heard of the Internet of Things, or seen the IoT acronym and wondered what it means… especially now that hacking may be part of the equation. The IoT refers to “smart” devices (having sensors or CPUs) that are also connected to other devices so they can share information or execute commands via the Internet. So what does your toaster know about you?

Benefits of Technology

The potential benefits of this technology are enormous in terms of convenience or productive efficiency. For instance, if you have a tire going flat, you likely see a warning light on your car’s control panel. But with the IoT, at the first hint of trouble, your Bluetooth-enabled car might contact your iPhone to locate a nearby service station that has your size tire in stock. Siri could then initiate a conversation, alerting you of the problem, and to ask if you’d like to quickly make an appointment.

The IoT’s value in such human endeavors as manufacturing, transportation and customer service are clear: automated production would peak and wain in response to immediate logistical concerns; vehicles could be scheduled and re-routed based on instantaneous traffic and weather reports; and customer needs would be met before anyone is inconvenienced. On a personal level, we can use a webcam in our refrigerator to check our stock of milk while out shopping, or to locate a parking space at a crowded mall. For the most part, uses for the IoT are limited only by imagination. For example, a Japanese company has developed a toilet that tracks how much the user “goes” to help doctors diagnose potential ailments.

… And Its Consequences

Interconnectivity allows the Internet of Things to function. Unfortunately, all those smart-enabled devices may also be turned into entry points for hackers to raid, manipulate, or destroy their targets. In a matter of minutes, our modern devices can be reprogrammed by malware to surveil and then share just about anything with anyone. Last month, a child’s toy, a smart talking doll, was banned in Germany when regulators realized that it could be turned into an espionage device.
At least a talking doll draw attentions to itself. The real problem is all the devices (6.5 billion and growing exponentially!) that we don’t think about. These include: entertainment centers, connected climate control and energy meters, smart video conferencing systems, connected printers, VoIP phones, smart refrigerators … just to name a few. And for most of them, security is woefully lacking because who worries about having their dishwasher hacked? Yet we already saw an example of a coordinated attack on the IoT this past fall, when millions of everyday devices where taken over via malware and directed to cause significant portions of the Internet to crash.

Potential Targets of Cybercriminals

For most of us, however, the threats could be a lot more tangible and specific. One recent report matched the following devices with how they might be used against us:

  • Power meters: tampering with temperature controls leading to damage or destruction of vital equipment
  • Smart TVs: spying via video and microphone
  • Smart light bulbs: collecting Wi-Fi credentials
  • Security surveillance systems: disabled to allow break ins
  • Printer/fax/copiers: accessing private user information
  • Smart refrigerators: Obtaining user credentials

And this is just the tip of the iceberg. By 2020, an estimated 20 billion smart devices will be in service. The question is … in service to whom?

Manage the Internet of Things with SynchroNet

So if you’re thinking about bringing a fancy connected thermostat or refrigerator into your office environment, please call SynchroNet. Let us make sure that you have sufficient firewalls (or a guest network!) in place to keep your data, systems and assets protected from all the potential backdoors opened by the IoT.