Locking down the Internet of Things

Much has been made of the economic benefits of the Internet of Things, but at what cost to our security and privacy?

Imagine a world where the electrical items in your home were constantly collecting data about your living habits and feeding it back to some faceless third party.

While this might sound like something lifted straight from the pages of a dodgy paperback sci-fi novel, it is a scenario that is expected to be played out in millions of homes across the world over the coming years.

The Internet of Things (IoT), as the concept has been dubbed, has been a major source of industry discussion for some time now, with many talking up the economic benefits it could bring.

There is a real possibility that an individual's habits, location, interests and other personal information may be easily tracked.

Advertisement
Advertisement - Article continues below

For example, networking giant Cisco recently claimed IoT will open up trillions of dollars of new market opportunities over the next decade. 

But, while analysts and vendors talk up the massive sums of money to be made from IoT, the European Commission has flagged some serious concerns about life in the connected world.

In a recent IoT factsheet, published on the back of a public consultation carried out by the commission last year, the organisation said everyone should be concerned by the prospect of an "omnipresent" network of connected devices.

"[The] cross-linking of objects offers new possibilities to influence and to exchange [and] this leads to a variety of new potential risks concerning information security and both privacy and data protection," the document states.

From a privacy point of view, the collection of information by a multitude of connected devices could make it easier for people to be identified unless steps are taken to ensure the data is completely anonymised.

It is a point Kevin Curran, a cyber security academic and senior member of trade association IEEE, thinks needs to be urgently addressed.

"There is a real possibility that an individual's habits, location, interests and other personal information may be easily tracked," he says.

"[Because] there is sophisticated data mining software in use which can reveal uncannily accurate information [based] on previously anonymous' data."

This information could be repurposed by identity thieves, seized by others for blackmail purposes, or simply sold on as marketing data, he adds.

Either way, Curran says there needs to be a public debate on the social and privacy implications of IoT in order to establish clear rules on how data can be used.

Advertisement
Advertisement - Article continues below

"There is still no agreed protocol for access to public data when it comes to law enforcement agencies or other intelligence agencies, and there is a debate waiting to happen here," he explains.

Miles Hodkinson, chief technology officer at wireless components firm Ciseco, backs this point, describing the privacy and security implications of IoT as a taboo subject within the IT industry. 

"It's the elephant in the room no-one wants to mention because when you look at the $14.4 trillion figure Cisco has flagged, for example, these figures are eye-watering and it's a great story for shareholders," he says.

"But people seem to be forgetting about the user's role in all this...[and treating them like] this thing that generates data and revenue for them, while everyone else consumes it."

Most IoT discussions seem to focus on how the data generated by connected devices will improve user experiences or make it easier for marketing firms to target products at consumers, but Hodkinson fears the information could fall into the wrong hands.

"If the power consumption of your fridge can be monitored, which is something we have the power to do today, it's not difficult to establish what time you go out to work. All I need to do [then] is have a word with someone and say 'this is about the time I think you should go and burgle that house,'" he says.

Furthermore, the 'trivial' information a fridge can feedback could be tracked over time and lead to assumptions being made about people's living habits, which in turn could affect other areas of their lives.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Most Popular

Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/public-cloud/34850/salesforce-takes-aws-relationship-to-the-next-level
News

Salesforce takes AWS relationship to the next level

19 Nov 2019
Visit/security/ransomware/354171/microsoft-issues-statement-debunking-teams-ransomware-rumours
ransomware

Microsoft issues statement debunking Teams ransomware rumours

21 Nov 2019
Visit/mobile/5g/354161/tests-show-uks-5g-network-is-450-faster-than-4g
5G

Tests show UK's 5G network is 450% faster than 4G

20 Nov 2019