Will the Internet of Things always be so vulnerable?

The Internet of Things (IoT) has undergone an amazing transformation, from a pipe dream to a marketing buzzword, and now an impending reality. Recent estimates expect the number of internet-connected devices to reach 26 billion by 2020, with some studies suggesting an even higher output. With an exponential increase in devices communicating with us, other devices, and with the internet at large, how can anyone keep private information safe?  

IoT: Ever-connected, ever-susceptible

The phrase “Internet of Things” has been around for decades (ever since computers could connect to this global network), but it has never had more literal applications than it does right now. With the combination of readily available broadband access, decreasing costs in tech manufacturing, increasing Wi-Fi capabilities, and widespread use of smartphones; IoT has never had a launching pad quite as equipped as the modern technological landscape.

Today, the Internet of Things plays with the idea of connecting nearly every manufactured object to the internet. Beyond personal computers, tablets, and smartphones, IoT encompasses some of the more obvious items in our lives – automobiles, security systems, smart home lighting systems. Plus, some more innovative ideas; think home appliances, pacemakers, jet engines, alarm clocks, fitness trackers, energy grids, contact lenses, and even city traffic infrastructures. The future of IoT is bright, however slightly shaded with caution. The more connections that exist between our devices, and the more we transmit data across networks, the more opportunities arise for criminal hackers to get in. That is the dark side. 

The danger we all live with

In 2015, more than 165 million personal records were exposed, through cybersecurity breaches over the course of the year. A staggering 64 per cent of Americans have been personally affected by a major data breach. It’s no longer a question of “if” cyber criminals will target you — it’s a matter of “when.”   

Cyberattacks have not only become common, they’ve also become exponentially more dangerous, as we connect more and more of our devices to global networks. The large majority of cybersecurity professionals are concerned about the potential weaponisation of IoT, and only 30 per cent of them believe their organisations are fully prepared for the risks inherent in IoT. Furthermore, experts feel only one out of every ten IoT devices has adequate security measures. 

How does one reconcile these startling numbers, alongside our persistent march toward total internet connectivity?  

Safeguards and security

The Internet of Things doesn’t have to be as vulnerable as it currently stands. In many cases, the transition to managing business affairs online — everything from accounting and storing customer data, to production and inventory management — has occurred faster than business leaders can adopt new security measures. In their eagerness to improve communication, data storage, and business operations through IoT devices, many businesses simply haven’t paused long enough to think about the careful protection of that data. 

Though countless enterprises would like to say otherwise, the truth is cyberattacks cannot be fully prevented. Nevertheless, smart companies — and individual users — can adopt quality standards and best practices that minimise those risks to ensure IoT becomes a boon, not a burden.

Make your network a fortress

With IoT, tens of thousands of data access points can be produced by one household or office on a daily basis. That’s tens of thousands of opportunities for hackers to find vulnerabilities in the system. Ensure that your network only allows access to authorised users. If devices are password-protected, switch to a two-step authentication process (also known as 2FA), and create complex passwords that are changed every other month.

Most hacks occur via Wi-Fi, and unsecured wireless systems are among the easiest to access. The first line of defence against cyber intrusion is to make it difficult to gain entry to your network. Password protection is not just for highly classified or core data; when all of your business operations are connected, it’s imperative to protect access to your network at every point.

Click “Accept” to restart device now

You may groan at those pesky update notifications on your smartphone, or the forced downloads of the latest software patch, which prompt you to restart your laptop at the most inconvenient of times; the truth is, these updates aren’t just an attempt to interrupt your workflow. Make a habit of accepting these updates and patches regularly, and without hesitation. 

Hackers are constantly finding new ways to get into our systems; security measures designed to combat and keep up with those hackers are only useful if they are installed on a consistent basis. Think of updates as necessary vaccines, to protect your devices against viruses and other bad bugs.

Investing in top security systems and firewalls will add another layer of protection. If necessary, hire a third-party cybersecurity team, or trained consultants, to analyse potential weaknesses in your system and skilfully fortify your network.

Read, read, read

As simple as it sounds, informing yourself of the latest cyber threats and the ever-developing countermeasures to those threats gives you an upper hand. Most cyberattackers prey on the suspicion that you’re not paying attention. How many times have you skimmed past a Terms of Service page, instead of carefully reviewing the information? Criminal hackers are hoping you pay equally little attention to news sources outlining what the latest cyber threats look like, how phishing emails work, and how to avoid scams; so the culprits can slip a virus right under your nose. 

As a consumer or business owner, make a point to review user agreements (and other fine print), and consent to IoT updates or purchases only when you feel confident in their security. Reading reports about IoT and cybersecurity, and consulting the opinions of cyber professionals, can keep you ahead of the game and help you protect your most valuable information.

You get what you pay for

Regardless of the debate over its pros and cons, IoT is on its way to becoming as prevalent as toasters, lightbulbs, and washing machines in U.S. homes — in fact, toasters, lightbulbs, and washing machines will likely become part of that always-expanding IoT. 

Security professionals estimate that less than one-quarter of IoT appliances currently are equipped with effective security, despite 71 per cent of Americans exhibiting some level of concern over having their data hacked. That level of discomfort will affect the market. 

Companies will need to commit to more intentional security designs, before making products publicly available. Business leaders must invest in multiple protective measures, security testing, and cybersecurity training for employees. Consumers may need to re-prioritise their purchase behaviours; opting for more expensive and more secure IoT devices, rather than gobbling up low-cost alternatives that skimp on privacy protections.

Embracing the Internet of Things

We know the Internet of Things will continue to increase in scale and scope; preventive and responsive measures must continue to grow alongside it. These devices, gadgets, and applications are designed for convenience, speed, and practicality — which means the American public will continually seek them.

Successful companies will adapt to such growth, and invest more into securing their software applications and network connections; savvy consumers will opt for the most secure devices, and strategies to keep them that way. This relationship between company and consumer — in which the safety and privacy of consumer data is in the best interest of both our companies and their customers — is the best way to safeguard Americans.

The Internet of Things will never be completely safe; but, neither is the world outside of the internet. Just as no one can ensure your house is entirely secure against theft, there’s no way to ensure you’re fully shielded from a potential data breach. What we can do is to diligently prepare for dangers, reduce their likelihood, eliminate them when they occur, and constantly improve our security measures.

Xuyen Bowles, Sentek Cyber
Image Credit: Melpomene / Shutterstock