The Internet of Things, or the IoT, refers to the ever widening web of internet connected devices ranging from cell phones to appliances to wearable devices to cars and beyond, which have become increasingly commonplace in households. According to analysis firm Gartner, there will over 26 billion connected devices by 2020, forming a massive network of people and their devices.
The benefits are clear. Connected devices allows for a new level of convenience in the information age. It will allow for cars that automatically send a text message warning colleagues you will be late when you hit heavy traffic, alarm clocks that start your coffee maker running, a printer that knows when to order more ink. The benefits could go well beyond mere convenience. Transportation networks in cities can improve energy efficiency and cut down on waste. The Internet of Things could allow a for a range of functions to help the elderly and the disabled – one app, called Howz, launching this fall, can monitor the use of electrical devices in an elderly person’s home, sending alerts to children or caretakers if it detects a problem. Another app, called Canary, detects light, temperature, and movement between rooms to monitor if an elderly person has fallen or become ill. These apps can ease the burden of caring for the elderly, and can even potentially save lives. The Internet of Things should not be dismissed as just a way to find unnecessary shortcuts for simple tasks.
Yet, there is reason for caution as we move into an increasingly interconnected period of human history. Without delving into paranoia, valid security and privacy concerns should be carefully evaluated, and the technology should be approached with a measure of caution, instead of embraced as a panacea without reservations.
For one thing, the Internet of Things provides hackers and cyber criminals with a wide array of entry points into people’s lives. In 2015, hackers shut down a power grid in part of western Ukraine that led to the first ever blackout caused by a cyber attack. Connected infrastructure provides a way for hackers to affect power grids, chemical plants, hydroelectric dams, and other vital systems – a terrifying prospect.
The public is rightly concerned about such a possibility, giving proponents of connected technology a public relations hurdle. In 2015, the Icontrol State of the Smart Home study found that 44 percent of Americans were “very concerned” about their information being accessed by hackers from their smart phone, and another 27 percent were “somewhat concerned.”
These fears have been validated by researchers, who have been able to hack into real devices already on the market, given enough time and resources. One team of researchers at Microsoft and the University of Michigan recently discovered a wide range of vulnerabilities in Samsung’s SmartThings smart home platform.
Many companies may be jumping the gun, by their own account. AT&T’s Cybersecurity Insights Report showed that 85 percent of 5,000 enterprises surveyed planned to begin implementing IoT devices, yet only 10 percent of those companies said they were confident they could secure those devices against hackers.
These concerns need to be addressed, as increasingly vital systems and infrastructure come to depend on connectivity.
A second area of concern involves customer privacy. The IoT generates a vast quantity of data about people’s lives. A report from the Federal Trade Commission, called “Internet of Things: Privacy & Security in a Connected World” found that less than 10,000 households generate 150 million data points every day, creating entry points for hackers to access sensitive information. The same FTC report found that companies could use data they collect on customers, agreed to in their terms of service, to make decisions about employment, or health or life insurance. A connected car could provide insurance companies information about your driving habits, and fitness trackers could provide company’s information to assess health or life insurance.
Manufacturers and hackers could even eavesdrop through connected devices. German researchers proved this, intercepting unencrypted data from a smart meter device to find out what show someone was watching at any given moment.
These concerns are based on real findings from researchers and the companies who themselves are implementing increasing levels of connectivity. None of this means that the IoT is bad thing, or that it should be avoided. Indeed, it offers potential benefits including some that have yet to be foreseen. But the time and energy should first be taken to address legitimate security and privacy concerns. In human history, technology has often outpaced our ability to contain unforeseen effects, when it comes to issues such as pollution and climate change. When it comes to internet security and privacy, we would be well advised to stay one step ahead of these problems, instead of cleaning up the mess after the fact.