Maybe you haven’t heard of the internet of things (IoT), but it is fast becoming a reality in your daily life. The internet of things comprises the world of everyday items, from refrigerators to gaming consoles to watches—all of the objects and devices able to connect to the internet and share data.
One major sector of the IoT is the smart home assistant, like Google Home and Amazon Echo. These are compact standalone devices from which you can put on music, order a cab and ask for answers to your random pop culture questions.
In 2016, there were a staggering 6.4 billion items connected to the internet, with 5.5 million new connections made on a daily basis.1 Each of these devices collects and transmits data to improve device performance and to keep users connected to product information and updates. This information is also used by the company, for whom user data is an increasingly valuable commodity.
In the best case scenario, the user’s life is made easier by the device, and the company gains consumer and operational insights from the steady stream of data these devices return.
And the internet of things is only going to envelop more things: By 2020, the number of connected devices is projected to be somewhere in the neighborhood of 24 billion, four devices for every person on Earth.1
Of course, with near universal connectivity comes with more pervasive security risks. What if someone had the ability to hack into and compromise the sensitive data being shared across all the watches and home assistants connected to the web?
In fact, that ability already exists.
In October 2016, a massive distributed denial of service (DDoS) attack took down major sites, including Twitter, Netflix, Reddit, CNN and many others.2 The attack was undertaken by infecting individual smart devices with a botnet that coordinated them to bombard the servers of major websites, eventually overwhelming them.
Alarmingly, on the internet of things, more devices mean stronger attacks: Botnets are usually made up of computers, but this DDoS attack involved 100,000 malicious smart devices.2
And the security infrastructure has not grown apace with the adoption of smart devices. It was the first cyberattack of its kind, but it will likely not be the last.
Often, developers rush a smart device to market and tout its convenience to the consumer, yet security concerns remain an afterthought. Researchers now, however, are realizing that the more ubiquitous our connections to the internet are, the more vulnerabilities exist in the infrastructure.
One popular smart thermostat, for instance, has been shown to have security vulnerabilities, and many more such vulnerabilities likely exist in other devices, just waiting to be discovered—or exploited.3
Worst of all, it is not just consumers whose data is at risk. Businesses and governments are also adopting IoT technologies to increase productivity, lower costs, and streamline and refine their data analytics. Over time, the cost of recovery from ransomware attacks and DDoS attacks could be devastating.
Data capture and information processing are at the heart of this new technological field. But who safeguards that data? The answer has to be cybersecurity experts.
In the next five years, $6 trillion will pour into IoT solutions.4 As the internet of things expands, the field of cybersecurity will only become more vital, and the need to develop safeguards for our digital infrastructures becomes more urgent.
NOTE: The George Washington University does not directly recommend or support the above-mentioned applications or products.
1 Retrieved on September 21, 2017, from businessinsider.com/what-is-the-internet-of-things-definition-2016-8
2 Retrieved on September 21, 2017, from theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
3 Retrieved on September 21, 2017, from forbes.com/sites/aarontilley/2015/03/06/nest-thermostat-hack-home-network/#42fb537b3986
4 Retrieved on September 21, 2017, from businessinsider.com/iot-ecosystem-internet-of-things-forecasts-and-business-opportunities-2016-2