Locking down the Internet of Things

Much has been made of the economic benefits of the Internet of Things, but at what cost to our security and privacy?

Imagine a world where the electrical items in your home were constantly collecting data about your living habits and feeding it back to some faceless third party.

While this might sound like something lifted straight from the pages of a dodgy paperback sci-fi novel, it is a scenario that is expected to be played out in millions of homes across the world over the coming years.

The Internet of Things (IoT), as the concept has been dubbed, has been a major source of industry discussion for some time now, with many talking up the economic benefits it could bring.

There is a real possibility that an individual's habits, location, interests and other personal information may be easily tracked.

For example, networking giant Cisco recently claimed IoT will open up trillions of dollars of new market opportunities over the next decade. 

But, while analysts and vendors talk up the massive sums of money to be made from IoT, the European Commission has flagged some serious concerns about life in the connected world.

In a recent IoT factsheet, published on the back of a public consultation carried out by the commission last year, the organisation said everyone should be concerned by the prospect of an "omnipresent" network of connected devices.

"[The] cross-linking of objects offers new possibilities to influence and to exchange [and] this leads to a variety of new potential risks concerning information security and both privacy and data protection," the document states.

From a privacy point of view, the collection of information by a multitude of connected devices could make it easier for people to be identified unless steps are taken to ensure the data is completely anonymised.

It is a point Kevin Curran, a cyber security academic and senior member of trade association IEEE, thinks needs to be urgently addressed.

"There is a real possibility that an individual's habits, location, interests and other personal information may be easily tracked," he says.

"[Because] there is sophisticated data mining software in use which can reveal uncannily accurate information [based] on previously anonymous' data."

This information could be repurposed by identity thieves, seized by others for blackmail purposes, or simply sold on as marketing data, he adds.

Either way, Curran says there needs to be a public debate on the social and privacy implications of IoT in order to establish clear rules on how data can be used.

"There is still no agreed protocol for access to public data when it comes to law enforcement agencies or other intelligence agencies, and there is a debate waiting to happen here," he explains.

Miles Hodkinson, chief technology officer at wireless components firm Ciseco, backs this point, describing the privacy and security implications of IoT as a taboo subject within the IT industry. 

"It's the elephant in the room no-one wants to mention because when you look at the $14.4 trillion figure Cisco has flagged, for example, these figures are eye-watering and it's a great story for shareholders," he says.

"But people seem to be forgetting about the user's role in all this...[and treating them like] this thing that generates data and revenue for them, while everyone else consumes it."

Most IoT discussions seem to focus on how the data generated by connected devices will improve user experiences or make it easier for marketing firms to target products at consumers, but Hodkinson fears the information could fall into the wrong hands.

"If the power consumption of your fridge can be monitored, which is something we have the power to do today, it's not difficult to establish what time you go out to work. All I need to do [then] is have a word with someone and say 'this is about the time I think you should go and burgle that house,'" he says.

Furthermore, the 'trivial' information a fridge can feedback could be tracked over time and lead to assumptions being made about people's living habits, which in turn could affect other areas of their lives.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Windows 11 has problems with Oracle VirtualBox
Microsoft Windows

Windows 11 has problems with Oracle VirtualBox

5 Oct 2021