“Making fun of the Internet of Things has become a sort of national pastime, made possible by a laundry list of companies jumping into the space without the remotest idea what they’re actually doing. When said companies aren’t busy promoting some of the dumbest ideas imaginable, they’re making it abundantly clear that the security of their “smart,” connected products is absolutely nowhere to be found. And while this mockery is well-deserved, it’s decidedly less funny once you realize these companies are introducing thousands of new attack vectors in every home and business network the world over.
Overshadowed by the lulz is the width and depth of incompetence on display. Thermostats that fail to heat your home. Door locks that don’t protect you. Refrigerators that leak Gmail credentials. Children’s toys that listen to your kids’ prattle, then (poorly) secure said prattle in the cloud. Cars that could, potentially, result in your death. The list goes on and on, and it grows exponentially by the week.
The latest gift of the Internet of Things industry, revealed last week by security researchers at Bitdefender, is smart electrical sockets that can be hacked to hand over e-mail credentials, create a botnet, or (potentially) burn your house down by firing up connected appliances. The devices are sold as an amazing new tool to help create a connected home, allowing users to manage any device plugged into them via a smartphone and/or the internet. The problem, as usual, is an (unspecified) company that treated security as an afterthought.”
In short, the connected home that allows you to unlock your doors, or turn out your lights using your smartphone, when it’s not secured, allows just about anyone with a little knowledge can do that to your connected stuff too. That’s not good. It’s life-threatening in some cases, and that’s not funny any more.
Image by SammCox