By now you’ve probably heard about the two cybersecurity professionals who hacked a Jeep while it was in motion. Earlier this month, hackers at Def Con, a major cybersecurity convention, tried the same on a Tesla Model S. Meanwhile, Chrysler faces a lawsuit for failing to address the vulnerabilities in its Jeeps.
Cars, along with other day-to-day objects like phones and watches, are part of the growing Internet of Things (IoT). Here are the five things you need to know about it:
1. What is the Internet of Things?
The IoT is the network of “smart” objects in everyday life – think your phone, Apple watch and FitBit. These objects have sensors, processors and the ability to communicate with each other through wireless connections. And while these examples are commonplace, the IoT is still growing and will eventually include everyday items such as appliances, contact lenses, clothing and doors.
2. What will the IoT Mean for Consumers?
Smart objects allow people to customize their surroundings, making life simpler and more efficient. A smart thermostat tailors settings based on its owner’s habits – not only making the user more comfortable, but also minimizing wasted energy by preventing heating or cooling of empty living spaces.
However, this efficiency comes at a cost: people who use smart devices will have to give up even more personal data. A smart refrigerator with the ability to buy groceries would be convenient, but it would also mean that commercial stores, marketing agencies or even cybercriminals would be able to track all those purchases.
3. What will the IoT Mean for Businesses?
Thanks to the IoT, businesses can gain insight into consumer and market behavior that would be impossible to obtain otherwise. There is not only more data, but that data is more specific than ever before. Businesses can either track consumer data themselves or purchase it from the manufacturers of smart devices, enabling them to more efficiently develop products and more effectively target ads.
4. What will the IoT Mean for Malicious Hackers?
The very nature of the IoT gives criminal hackers a much larger target set. If more devices are tied to payment systems, hackers will have more entry points to financial services, a greater ability to deliver point of sale malware, and generally more access to information about people. Enhanced connectivity would also allow hackers to turn everyday objects into botnets that could facilitate wide-scale spam campaigns or DDoS attacks. Hackers could also apply existing malware in new ways, such as creating ransomware that targets the computers in cars.
5. What Can be Done to Mitigate these New Threats?
Fix the problem early. The internet of things is still in its early stages, so security measures can still be built into it. The “regular” internet has so many security issues in part because it was not built with security in mind. Once problems became apparent, security measures were added on, but they would have been more effective had they been present from the beginning.
For the IoT, building and integrating robust tools for finding and fixing basic problems is vital. Some have even proposed setting a industry standard that IoT devices will operate off open-source software – hoping that doing so will create a “crowdsourced” effect for finding vulnerabilities.
Regardless of the specifics, it’s important that the builders of the internet of things consider the trade-offs between convenience and security to protect both themselves and their customers.
Luke Penn-Hall is an analyst at The Cipher Brief.
