Over the last couple of decades, the number of devices that can connect to the Internet has grown at a rapid rate and continues to increase exponentially. The year 2008 saw the first time there were more Internet connected devices than people on earth, and Cisco estimates there will be more than 50 million in the year 2020. The network of these connected devices, the Internet of Things (IoT), is still a relatively new concept. As it is integrated into everyday life there are growing concerns over the potential security vulnerabilities associated with it, such as cars, refrigerators, ATM machines, cell phones, and other technology people regularly use. Here we take a look at a few of these threats to IoT devices so you know what to look out for:
ATM/Cashpoint skimming
A relatively new technique used by criminals to steal money from consumers, ATM skimming is when thieves install a fake PIN pad on an ATM machine that tricks users into handing over their credit card information. More recently, due to the hassle of needing to visit ATM machines in person, hackers are devising new skimming methods so they can retrieve stolen data via emails and text messages, making the threat even more worrisome. In 2013, the majority of skimmer hacks were in Bulgaria, with Armenia, Romania, Brazil and the Unites States close behind respectively, according to a report by Verizon that looked at more than 130 reported skimming cases. According to Lifelock.com, ATM skimming theft costs US banks as much as $1 billion in annual losses.
Car hacking
In July 2015, network engineers Charlie Miller and Chris Valasek were able to hack into the IoT network of a Chrysler Jeep Cherokee speeding along a highway in St. Louis and take control of the vehicle from a desktop computer in Miller’s basement 10 miles away. Once they added their own code to the car’s software, they were able to turn on the windshield wipers, operate the radio and air conditioning, and disable the car’s transmission so that the car couldn’t drive any further. Luckily, Miller and Valasek are not criminals but good Samaritans seeking out potential threats, so this breach of security led to Chrysler recalling about 1.4 million vehicles that would be vulnerable to a similar attack. Since this discovery there have been other susceptibilities found in OnStar, the communications system found in General Motors automobiles. Although General Motors has resolved this particular issue, it still raises doubt in regards to security for automobiles with IoT features.
Home Devices
The IoT can turn your house into a smart home by enabling your appliances to communicate with each other, keep track of measurable data, and adjust themselves to your personal preferences. For example, your home lighting system can display meters that show your electricity usage. You can control your thermostat from your smartphone, and your smart fridge can monitor the freshness of your food. The convenience of a smart house sounds like a great luxury; however, many of the companies that create these devices have overlooked security threats and haven’t taken the correct measures to protect the end user. The most apparent security threat is to the open global wireless standard ZigBee, which used by companies including Phillips, Samsung, Texas Instruments, and Motorola. Vienna based IT security firm Cognosec directed security tests on a number of IoT home devices and found that vendors often employ the minimum amount of security features required to receive certification for home use. It wont be until these security requirements are given a major overhauling that smart homes will be considered safe by IT experts for the average consumer.
Image by Yuri Samoilov