Page 19 - Cyber Warnings - November 2015
P. 19
Protecting Privacy in the Internet of Things
Authored by Larry Ponemon, founder of the Ponemon Institute and chairman of the Visual
Privacy Advisory Council
Nearly every aspect of our lives can now be connected to the Internet through a device.
Wearable devices enable us to track our steps, map runs and review sleep patterns. Smart
appliances offer instant access to nearly anything in our homes – from washing machines and
thermostats to security cameras and the front-door lock. Our cars and TVs can even self-update
through wireless Internet connections.
This is all made possible by the Internet of Things (IoT), a concept in which everyday devices or
“things” are increasingly interconnected and accessible via the Internet. It has the potential to help
us live healthier and happier lives, and provides limitless opportunities for keeping us better
connected and informed.
But with all this newfound connectivity comes new concerns about security and privacy. The
explosion of connected devices provides new and greater opportunities for hackers to exploit
devices, gain access to our personal and financial data, and invade our privacy.
For example, security services provider Proofpoint revealed a cyberattack in which 100,000
consumer devices – including TVs, multi-media centers and at least one refrigerator – were used to
send out more than 750,000 malicious emails.
Symantec also reported it found vulnerabilities in wearable activity-tracking devices that made it
possible for anyone with “some basic skills and a few cheap tools” to track the devices and the
people wearing them.
Or consider the hair-raising story reported by Fox affiliate WXIX-TV about two parents who awoke
in the middle of the night to a man’s voice yelling at their 10-month-old daughter through the baby
monitor in the child’s room. The stranger apparently hacked into the Internet-connected system
from the outside.
How pervasive are security issues with IoT devices? A 2014 HP report analyzed the top 10 IoT
devices being used at the time and revealed that the devices had an average of 25 vulnerabilities.
But not all vulnerabilities come from back-end cyberattacks. A simple device password obtained
through visual hacking, the viewing or capturing of sensitive information for unauthorized use, can
lead to broader attacks of these interconnected devices.
With stolen login credentials, a hacker could potentially access all other IoT-enabled devices within
your home, car or office, as well as the information associated with them.
19 Cyber Warnings E-Magazine – November 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
