The Internet Of Things Is More Vulnerable Than You’d ThinkIt wasn’t just HAL 9000 in the 1968 hit movie 2001: A Space Odyssey, or the tourist-killing androids in 1973’s Westworld (the movie, not the recent TV show), that made people a little scared of machines. Long before then, writers and scientists seriously considered the possibility that artificial intelligence might be a danger as well as a convenience.
We don’t have to worry just yet about our modern devices and appliances turning on us and taking over the world. But there’s now a lot more to worry about than the fact that our phones, computers and tablets are pretty easy to hack. The rapid development of the Internet of Things (IoT) – the online connection of millions of smart homes and buildings, cars, appliances and anything else that can be turned on-and-off – has created new threats that would be right at home in a science fiction movie.
The Vulnerability of the IoTIt sounds perfect: your home’s smart appliances connected together wirelessly so you can control them all from anywhere in the world, and your car connected to the Internet for automated navigation and entertainment. What could go wrong, as long as the appliances and cars don’t unite to subjugate humanity?
A lot. We’ve already seen the havoc that malicious hackers can wreak by breaking into computer systems to steal sensitive information, and by setting up “botnets” of infected computers and phones to take down huge websites and networks. And that’s despite modern advances in antivirus and network protection technology.
The “things” connected to the Internet of Things may be only thermostats or TVs, but they’re still vulnerable to anyone who wants to hack into them. What’s worse, the IoT is still new so most devices don’t plug into routers and have very limited defenses against intruders, manufacturers don’t tell anyone if security protection has been built into their devices (and it often hasn’t) – and if you’ve seen a simple anti-virus program like Norton or McAfee for connected toasters, please let us know.
In other words, almost all IoT devices and appliances are currently at major risk.
The Danger is RealRight about now you’re probably asking “Who would want to hack into my toaster?”
That’s what a reporter for the Atlantic, Andrew McGill, wondered. So he plugged in a connected toaster and watched. It only took 41 minutes for someone to make a hacking attempt on the appliance, and there were two more attempts within the next half-an-hour.
Why would anyone care about McGill’s toaster? It’s because hackers are continually using easy-to-find scanning tools to search for vulnerable devices, in order to build enormous botnets of infected devices. Those are then used in coordinated attacks against big companies and websites – and for those purposes, a toaster is just as good as a computer. A toaster’s just much easier to “get into.”
One example: so-called Mirai malware was recently placed on thousands of non-secure IoT appliances and devices to create two of the largest DDoS (Distributed Denial of Service) attacks in history, against French security and web hosting companies. And even scarier, that malware has now been released to hackers worldwide.
IoT DefensesSadly, the news isn’t great. For now, the best you can do is be sure that you’ve got your smart appliances connected through a router that isn’t using a default user name and password, look for appliances that let you protect them with login credentials individually, and buy one of the new appliance security boxes now reaching the market.
Other than that, the best defense is to hope that manufacturers start taking the issue of IoT vulnerabilities as seriously as they should.