My brother can’t function in the morning until he has a cup of coffee. So I use his daily routine as an example.
Picture my brother stumbling down to the kitchen one morning only to find his internet-enabled coffee maker won’t work. There’s a message on his iPhone: “We have taken control of your coffee pot and unless you pay $5, you won’t have your coffee.” This actually hasn’t happened. At least, not yet.
I have been talking about the security threats to common household items connected to the internet – that is, the Internet of Things (IoT) – for several years now, and unfortunately, every other dire warning has come true so far. Upper management has to take greater notice of risks exposed both in the products they produce and the products that they use and take action to mitigate those risks. Recent events underscore this need.
Two years ago an internet-enabled refrigerator was commandeered and began sending pornographic spam while making ice cubes. Baby monitors have been turned into eavesdropping devices and there are concerns about the security of medical devices, such as computerized insulin pumps. In October, thousands of security cameras were hacked to create a massive Distributed Denial of Service (DDoS) against Dyn, a provider of critical Domain Name System (DNS) services to companies like Twitter, AirBnB, etc. Then there is the recent disclosure of CIA tools for hacking IoT devices, such as Samsung SmartTVs, to turn them into listening devices. These are only a few examples highlighting the threats.