The Internet of Things (IoT) is a rapidly growing phenomenon where device makers are building Internet connectivity into every device they produce. The ability to connect to the Internet brings with it the potential of connecting and using your device in new and exciting ways. Devices can gain access to a wealth of information available online, allowing something like a thermostat to access information about your local weather to factor that into it’s temperature settings. Internet access also enables you to connect to your various devices over great distances. Think of a smart home where you get a notification if your load of laundry is done (http://www.engadget.com/2012/01/10/samsung-smarthome-wifi-washer-and-dryer-hands-on-video/), or that one of your plants may need watering (http://www.koubachi.com/features/sensor?locale=en). Not to mention manufacturers are capable of pushing out updates for new features, adding value to your devices over time.
The incentive for companies to build and integrate IoT devices is that they too can tap into a wealth of data from you they wouldn’t necessarily have access to before. The concept is further defined in Steve Durbin’s blog “Security and the Internet of Things”. In his blog, he talks about how companies are diving into the IoT ecosystem because of the continuous feedback and insight into how their products are being used. That data helps create productivity and allows them to improve their products or even offer new services to go along with their products.
Despite the benefits, as the increasing number of devices connected to the internet grows, the potential for hackers to compromise a user through any of their devices grows as well.
While IoT is still in its infancy, we need to research and build new ways of approaching security for these devices. Security is most effective when addressed proactively therefore we should think of security now and evolve it alongside so that while IoT landscape grows, protecting it users remains a top priority.
As it stands today, there are a number of steps and processes that both manufacturers and consumers can perform to take a proactive approach to protecting against potential hacks.
About the Author: Michael Bennett, Lead DDoS Engineer
Michael started working at Security Compass a year ago. He was brought on to work on TrueLabs, Security Compass’s sandbox learning environment. After a few months working with the training department Michael transitioned into building a DDoS testing tool called DDoS Strike. He is now working on DDoS Strike full time. Michael enjoys long walks on the beach with his dog and taking down customers’ websites — if you were to ever look for him you’d find him at Tim Hortons drinking an XL coffee with two cream.