How Secure and Private is Internet of Things (IoT) ?


Guest Author: Shakthi V

Everyone is excited about the next big thing that is just around the corner! The internet of Things. The wonderful phenomenon of things talking to each other using the internet and then making our life infinitely less complicated and giving us more time to be ourselves (whatever that means), that would truly be the next stage in human evolution!

People would love their refrigerator to find out what groceries are out and message the retailer to keep them ready and while driving home from work, the car automatically stops there and the stuff is delivered. BTW, the fridge has already swiped your card to pay for it! How convenient!

But then, there is a flip side to everything! The IoT revolution. To understand that, we need to look at the underlying things that will make this scenario possible! Very broadly, there are four technologies that link Analogue and Digital realms. They are,

Picture Credits: Wikipedia - http://en.wikipedia.org/wiki/Internet_of_Things
Picture Credits: Wikipedia – http://en.wikipedia.org/wiki/Internet_of_Things
  1. Location technologies will find us anywhere – our physical location – and with ever increasing accuracy and connectivity.
  2. Cognitive technologies will enable ubiquitous verbal communication with the digital power that surrounds us.
  3. Wearable technologies are going to collect all the analogue “stuff” about what is going on inside us, and outside of us and – our personal world of Big Data – and fling this up to the Internet.
  4. Big Data or rather predictive technologies will link the Big Data of our analogue world with the digital world. Digital will make sense of it in ways meaningful to each individual and feedback to us things we need to do in the real world to have a better life. And in fact intelligent objects will do a lot of this work for us on our behalf.

The issues that are inherent to these four technologies are the challenges that will have to be tackled if the internet of things has to be a reality that makes sense and is really safe and secure too. After all, tons of personal big data is what we are talking about!

Here are my concerns about these technologies working together, the sheer scale and complexity of security required for all of them to work the way that is planned, is mind boggling. And given that complexity, are we there yet? Imagine someone hacking into this very personal fountain of private data! Just the thought is unsettling. Next is the complexity of having to manage a huge number of credentials and passwords. The third is the far-fetched possibility that a self-aware machine is on the way and this pool of data the IoT creates will enable it to just trample over our lives. I admit that the third one is far-fetched and fantastic.

Keen to buy an Android Wear, this review of Moto 360 would help you!

Think of a smartwatch. What does it know about you? Who you are? Where you are via GPS? What you’re doing via accelerometer and gyroscope? Your health? Is able to monitor your mood?

I am sure that the makers have secured these devices, but what if? And that is a big If! Think about someone hacking your car to make it think that it’s picking up grocery but actually taking you into a risky environment! Think about an unsocial element getting hold of your personal and health data. The scope of misuse is humongous here and the fact is that all these are very possible. Dismissing them as fantasy is no longer an option!

The security ramifications of the IoT are huge, we need a self-updating, threat aware, key-rotating and intelligent security framework that has AI built in to help it to learn from attempts to hack it. Then the IoT makes sense. Here are some of the areas which needs to be considered while configuring the Device Level Security on IoT.  But the definition above added with wearable tech sounds a lot like Skynet, doesn’t it? Welcome to the future! It is a bold one and we need to be careful! What do you think?