Home Smart Home
Posted January 13, 2015
CES Features Internet of Things’ Products for Connecting Grills, Refrigerators, Coffee Makers, Baby Monitors, Locks…and Hackers
At this year’s Consumer Electronics Show (CES), manufacturers rolled out product after product that connects to the Internet and is designed to make life easier for the owner. Of course this connectivity also makes life easier for the hacker.
In her story on nytimes.com, Molly Wood details the risks that go along with the rewards the Internet of Things promises. The following has been excerpted from Wood’s piece and edited to fit our format. You may find the full article by clicking on this link.
Breaching the Internet of Things: Been there. Done that.
Hackers have already breached Internet-connected camera systems, smart TVs and even baby monitors. In one case, someone hacked a networked camera setup and used it to scream obscenities into a baby’s nursery.
FTC notes risk
In a speech at International CES, Edith Ramirez, chairwoman of the Federal Trade Commission, said the trend toward having so many things constantly connected to the Internet presented serious risks that start-ups and big companies needed to take seriously.
“Any device that is connected to the Internet is at risk of being hijacked,” she said in her prepared remarks. “Moreover, the risks that unauthorized access intensifies as we adopt more and more devices linked to our physical safety, such as our cars, medical care and homes.”
Few security features built into products
[Because] connected devices are relatively new, there are few security features built into many of them or the apps and services that power them. Even fewer products exist to lock down your smart home.
The box. Like antivirus for the PC
One noteworthy product, though — perhaps the sort of device we will see more of soon — was introduced at International CES. It comes from Bitdefender, which makes antivirus and anti-malware software for computers, and is called the Bitdefender Box. The box is a physical device that plugs into your Internet router and constantly scans your network and the websites you visit for potentially harmful software or viruses. [Bogdan Dumitru, the company’s senior threat analyst said,] “When you’re opening a malicious page, before the page is downloaded, it is intercepted in the box, flags are sensed in the cloud and it doesn’t show up in the first place.”
Hackers don’t care about the processor
“It doesn’t quite matter to the hacker how much processing power or what task those smart devices can accomplish,” he said. If they can reach a website — and most can, because they connect to their own websites — they can be used.
Same drawbacks as standard antivirus
But as with most antivirus and anti-malware products, the box can scan for and detect only code that has already been identified as a threat. Something new could still sneak through.
It’s only data
Ford announced plans to collect information about driving habits of company volunteers in Dearborn, Mich., and of volunteer drivers in London. The London project aims to create personalized driving information that can be used to calculate personalized insurance rates.
[Ford’s new chief executive, Mark Fields, said,] “We believe customers own their data and we are simply stewards of that data.”
Failing to protect customer data
[Accenture, the research firm, released a study this week that said consumers around the world doubted whether their personal data was secure online. With companies of all stripes suddenly interested in collecting reams of information about their customers, both on the Internet and elsewhere, those concerns are likely to continue.
It’s still early
And as Chris Babel, chief executive of the data privacy management company TrustE, noted, we are still in the very early stages of the Internet of Things.
“Everything is still very siloed and it’s not very connected,” he said. “But there’s massive amounts of value when it gets connected — both from the users’ perspective and from the hackers’ perspective.”
Build security into devices from the get-go
Mr. Babel echoed the advice of Ms. Ramirez of the F.T.C., who said companies needed to “prioritize security and build security into their devices from the outset.” She recommended privacy and risk assessments in the design phase of new products, forcing users to set new passwords instead of using default passwords on sensitive devices like Internet routers and using encryption wherever possible.