By now, we're all well aware of how smart devices monitor our activities. Smart home devices are the new popular technology, but there's been countless occurrences of smart home devices listening in and acquiring personal data - do consumers even care though?
There's no shortage of devices to choose from. As we approach the holidays, there's plenty of "smart home" advertising. For example:
- Alarm systems
- Door locks
- Electric plugs
- Light bulbs
- Security cameras
- Virtual digital assistants
Experts forecast that the Internet of Things (IoT) will expand to over 20.4 billion devices in 2020.
Just How Dangerous is Smart Home Data?
In short, the Internet of Things encompasses any device or appliance that's connected to the internet. As the number of IoT devices grows, it's becoming increasingly difficult to maintain cybersecurity for consumers and businesses. Speaking of which, analysts forecast that business IoT spending will surpass $238 billion in 2022 – with global IoT spending expected to surpass $1.2 trillion in that same year.
If you think it's difficult to secure one device, such as your smartphone, imagine what it takes to secure a home full of smart devices. Now, think bigger. Imagine a corporate building full of smart devices. Hackers are doing just that, and what they see is a building full of vulnerable attack vectors and limitless profitable opportunities.
Resultantly, the IoT cybersecurity vertical is on an uptick. The more innovative IoT devices that engineers create, the more vulnerabilities consumers and businesses unwittingly connect to the internet. This might include wireless sensor networks and the crème de la crème in business data storage – cloud computing.
Today, various enterprises and institutions rely on smart devices and other critical IoT technologies. At the same time, consumers rely on a range of gadgets to make their life more convenient. While this takes place, it's growing increasingly impossible to keep peoples' data reasonably safe.
Don't Think Smart Home Devices are Automatically Safe
Yes. It's fun – and even kind of cool – to control your home from your smartphone. However, there are many documented cases of security breaches made possible by smart devices such as alarms, locks – and even baby monitors. Unfortunately, seemingly innocuous devices all present the same opening for malicious actors to enter your home or business security network.
In your home, for instance, you might use an app such as Google Nest or Samsung SmartThings. Using correlated apps, you can use one smart device to control another one. Pretty cool, right? Well… All along, these devices collect a lot of personal information about you, but the problem isn't so much that the devices collect data. It's more about who might be on the other side of your IoT-connected device collecting that data. Of course, you know that device manufacturers are probably making a tidy profit off your info, but if a hacker gets a hold of your info – it's a whole new ballgame and not a good one.
Imagine this. You program your light bulbs to turn on when you come home. For convenience, you may also program your alarm to turn off when, for instance, your light bulbs turn on – signifying that you've arrived at your residence. This kind of simple security loophole is all a hacker needs to break down your security system and into your home. If they know that all they have to do is turn off your light bulbs to turn off your alarm – they'll do it.
That's right. A hacker might want more than your data – they may want your possessions. If a hacker can access your light bulb and switch it to "at home," you might as well be handing them the key to your front door. For now, this is an unfortunate weakness that's a persistent problem with the Internet of Things.
Is Automizing Data A Happy Medium?
With patient information automation, healthcare organizations collect your data and a nifty program wipes all of your personally identifiable information. Then, according to HIPAA laws, your healthcare provider is free to sell your data. Everybody wins, right? Not necessarily.
Case in point, consider the 12 million consumers who have purchased direct-to-consumer DNA tests. Recently, companies such as Ancestry have spent millions of dollars peddling their goods to consumers, and it's working. So far, consumers are more than willing to give up their medical data for insights into their ancestry.
If you're one of those consumers, you may already know about this process. What you may not know about, however, is a multibillion-dollar industry that legally trades that same information that consumers have been surrendering willingly while paying a premium to do so. According to the Century Foundation, an enterprise can buy, sell and trade anonymized data. This in itself isn't a problem.
The problem here is that a malicious actor with enough savvy can use that anonymized data to reconstruct your identity. At that point, they can go on and sell your data just like any other hacker.
Don't think that the IoT is all doom and gloom, however. In fact, here's five tips to think about as you contemplate your digital future.
- 1.If you use a digital assistant, physically turn off the mic with the manual override.
- 2.If you worry about Amazon employees listening in on you with Alexa, use the app to adjust your privacy settings through Alexa Privacy.
- 3.If you use Echo, go to Communications on your Alexa App and turn the "Drop In" feature for "My Household" to Off.
- 4.If you're super sensitive about your personal security, here's an extreme solution. Look up Project Alias on Hackaday and learn how to make a white noise speaker that will stop malicious actors from hearing your personal activities and capturing your data.