Internet of Things or Internet of Thieves

Luke Presland

July 01st, 2014

While the Internet of Things(IoT) sounds like some hipster start-up from the valley, it is in actual fact sweeping the technology world as the next big thing and is the topic of conversation (and perhaps development) through the majority of the major league tech titans. Simply, the IoT is the umbrella term for IP-enabled every day devices with the ability to communicate over the Internet. Whether that is your fridge transmitting temperature readings to your smartphone, or your doorbell texting you once it has been rung, anything with power (and even some without) can be hooked up to the World Wide Web and be accessed anywhere, anytime.

This will of course have a huge impact on consumer tech, with every device under the sun being designed to work with your smartphone or PC, but what′s worryingis how all this is going to be kept secure. While there are a large number of industry leading brands we can all trust (sometimes), there are an even bigger number of companies shipping devices out of China at extremely low production (and quality) costs. This prompts the question–if the company′s mantra is low cost products and mass sales, do they have the time, money (or care) to have an experienced security team and infrastructure to ensure these devices are secure? I′m sure you know the answer to that question.

Unconvinced? How about TrendNetcams back in 2012… The basic gist was that a flaw in the latest firmware enabled you to add /anony/mjpg.cgi to the end of one of the cams′ IP addresses and you would be left with a live stream of the IP camera. Scary stuff (and some funny stuff) but this was a huge mistake made by what seems to be a fairly legitimate company. Imagine this on a much larger scale, with many more devices, being developed by much more dubious companies. Want a more up-to-date incident? How about a hacker gaining access to a Foscom IP camera that a couple was using to watch over their child, and the hacker screaming "Wake up, baby! Wake up, baby!″ I′ll leave you to read more about that.

With the suggestion that by 2020 anywhere between 26 and 212 billion devices will be connected to the Internet, this opens up an unimaginable amount of attack vectors, which will be abused by the black hats among us. Luckily, chip developers such as Broadcom have seen the payoff here by developing chips with a security infrastructure designed for wearable tech and the IoT. The newBCM20737 SoC provides ″ Bluetooth, RSA encryption and decryption capabilities, and Apple′s iBeacon device detection technology″ adding another layer of security that will be of interest to most tech developers. Whether the cost of such technology will appeal to all though is another thing altogether—low cost tech developers will just not bother.

Now, I see the threat of someone hacking your toaster and burning your toast is not something you would worry about, but imagine healthcare implants or house security being given the IoT treatment. Not sure I′d want someone taking control of my pacemaker or having a skeleton key to my house! Security is one of the major barriers to total adoption of the IoT, but is also the only barrier that can be jumped over and forgotten about by less law abiding companies. If I were to give anyone any advice before ″connecting″, it would be to spend your money wisely, don′t go cheap, and avoid putting yourself in compromising situations around your IoT tech.