The Internet evolved as a network of networks for human beings on computers communicating and sharing information with each other.
In 1982, hardworking researchers at Carnegie Mellon University decided they wanted to know if their vending machine had cold drinks before visiting it so they stuck on a sensor with IP address that could be accessed from the labs.
Today, there are more devices and things with an IP address or unique ID then people on the planet! The phrase “Internet of things (IoT)” was coined in 1999 by Kevin Ashton, a MIT researcher to describe this phenomenon while he was presenting on the advantages of RFID.
Although it started initially with basic sensors, this has grown to include all manner of devices and the home market in particular, has become a huge commercial spinoff with smart homes now having everything from your TV and home entertainment system, air conditioner to your coffee maker and dishwasher having unique IDs and sensors to be monitored remotely over the Internet from your PC or mobile phone!
Thanks to the arrival of super-cheap computer chips and the ubiquity of wireless networks, it’s possible to turn anything, from something as small as a pill to something as big as an aeroplane, into a part of the IoT.
Connecting up all these different objects and adding sensors to them adds a level of digital intelligence to devices that would be otherwise dumb, enabling them to communicate real-time data without involving a human being.
The Internet of Things is making the fabric of the world around us smarter and more responsive, merging the digital and physical universes.
The term IoT is generally used for devices that wouldn’t usually be expected to have an internet connection, and that can communicate with the network independently of human action.
Processors that were cheap and power-frugal enough to be all but disposable were needed before it finally became cost-effective to connect up billions of devices.
Security is one the biggest issues with the IoT. These sensors are collecting in many cases sensitive data — what you say and do in your own home, for example.
Keeping that secure is vital to consumer trust, but so far the IoT’s security track record has been abysmal. Too many IoT devices give little thought to the basics of security, like encrypting data in transit and at rest.
Flaws in software are discovered on a regular basis, but many IoT devices lack the capability to be patched, which means they are permanently at risk.
Hackers are now actively targeting IoT devices such as routers and webcams because their inherent lack of security makes them easy to compromise.
Flaws have left smart home devices like refrigerators, ovens, and dishwashers open to hackers.
Even internet-connected smartwatches for children have been found to contain security vulnerabilities that allow hackers to track the wearer’s location or even communicate with them!
Governments are growing worried about the risks here. As the cost of making smart objects becomes negligible, these problems will only become more widespread and intractable.
All of this applies in business as well. Connecting industrial machinery to IoT networks increases the potential risk of hackers discovering and attacking these devices.
Industrial espionage or destructive attacks on critical infrastructure are both potential risks. That means businesses will need to make sure that these networks are air-gapped or isolated and protected, with security of all components a necessity.
The current state of IoT technology makes that harder to ensure, however, as does a lack of consistent IoT security planning across organisations. That’s very worrying considering the documented willingness of hackers to tamper with industrial systems that have been connected to the Internet.
The IoT bridges the gap between the digital world and the physical world, which means that hacking into devices can have dangerous real-world consequences.
Hacking into the sensors controlling the temperature in a nuclear power station could trick the operators into making a catastrophic decision; taking control of a driverless car could also end in disaster.
With all those sensors collecting data on everything you do, the IoT is a potentially vast privacy and security nightmare.
Consumers need to understand the privacy issues. This applies to business: would your executive team be happy to discuss highly confidential issues in a meeting room equipped with smart speakers and cameras, for example?
One recent survey found that four out of five companies are unable to identify all the IoT devices on their network.
Badly installed IoT products could easily open up corporate networks to attack by hackers, or simply leak data. It might seem like a trivial threat but imagine if the smart locks at your office refused to open one morning or the smart air conditioner in the CEO’s office was used by hackers to create a backdoor into your network.
The IoT makes computing physical. So if things go wrong with IoT devices, there can be major real-world consequences – something that nations planning their cyberwarfare strategies are now taking into account.
As the price of sensors and communications continue to drop, it becomes cost-effective to add more devices to the IoT – even if in some cases there’s little obvious benefit to consumers. Without standards, and with security an ongoing issue, we are likely to see more big IoT security incidents in the next few years.
As the number of connected devices continues to rise, our living and working environments will become filled with smart products – assuming we are willing to accept the security and privacy trade-offs.
Some will welcome the new era of smart things. Others like me will pine for the days when a comfy chair was simply a chair.
n Ilaitia B. Tuisawau is a private cybersecurity consultant. The views expressed in this article are his and not necessarily shared by this newspaper. Mr Tuisawau can be contacted on ilaitia@cyberbati.com
