Akamai’s influential State of the Internet Security Report has warned that the current poor level of cybersecurity around smart homes and interconnected home devices have opened the door to hackers and their like to exploit us as much as they please.
It’s likely, despite a relatively slow take-up, that most UK homes will buy in or install some kind of smart device in future.
This could be an app that’s linked to your home heating system to monitor bills and turn your systems on and off remotely, or a smart camera to watch what your pets or children do all day.
Smart, but not clever
Smart devices like Amazon’s Alexa digital assistant can be linked to your lights so you can turn them on and off with a gesture or a voice command.
When you see it in action it really does feel like you’re living in a sci-fi film.
But Akamai says the embedded tech in each device is so insecure that it would be simple for hostile actors to take hold of your smart lights, fridge, TV, or toys and play havoc just for fun.
The UK government is so concerned about this that they said hacking smart homes was too easy and issued a call to manufacturers this month to build-in uncrackable security to every new device made.
This means every smart kettle, Echo voice assistant or smart doorbell should have a unique password that can’t be remotely reset to the factory default.
The security of IoT is to modern devices what SQL injection was to web development a decade ago, a vexing problem.
Everyone knows that something should be done about it, but no one wants to take responsibility, when in fact the responsibility is a burden shared by all of us.- Martin McKeay: Senior Editor and Akamai Senior Security Advocate, Akamai
Smart devices are often referred to as being part of the Internet of Things, or IoT. This refers to the network of devices accessed through the internet that have the ability to identify themselves to other devices.
Our world is becoming one big information system of interconnected devices where just about anything can be connected and communicated in a smart way.
This means that more and more personal information and business data will move to the cloud and be passed back and forth through thousands of devices.
Mo’ connections, mo’ problems
Currently, more things are connected to the internet than there are people living on Earth.
It is predicted that by 2020 50 billion devices will be connected globally.
But as we have seen the expansion of the internet means the expansion of attack-threat opportunities.
It has been estimated that 70% of IoT devices are currently vulnerable to cyberattacks.
This means that our growing dependence on interconnected technology is defeating our ability to secure it.
Spying as standard
There is also the issue of surveillance. If all our objects are connected, then there are huge opportunities for observation.
This can be benign such as when your smart fridge ‘knows’ when you’re hungry or smart tyres ‘know’ when they need replacing.
But there are more sinister problems and not just hackers breaking into smart cameras embedded in objects or companies exploiting your data for advertising.
Back in 2016 it was discovered the CIA were looking at exploiting connected Samsung TVs to spy on people.
It’s about networks, it’s about devices and it’s about data. The Internet of Things brings those networks together. It gives the opportunity for devices to communicate not only with closed silos but across different networking types and creates a much more connected world.- Caroline Gorski: Head of IoT, Digital Catapult
Experts have long called for a shift from user security to system security.
It is not enough that consumers must maintain cybersecurity on a large number of devices, manufacturers should be building security into their products.
This needs a much more vigorous standardisation across industries. Many of the best security can be leveraged such as hardening systems, securing protocols for communication and installing the latest updates and patches.
These, it is argued should be done automatically by the systems rather than us if we are serious about safety.