Ahh…. IoT.
If those three little letters don’t strike at least a bit of fear in your heart already, then they probably will after you read this.
If you recall from Part I, the Internet of Things (IoT) affords people with lots of cool and exciting conveniences. But before you run off to buy a computer chip for your goldfish, it would be wise to remember that every device that’s connected to the internet can become a target to hackers. And as you may imagine, that’s not always a good thing. Here are some more reminders that more connectivity is not necessarily better. And after these examples, we’ll give you some tips on how to protect yourself.
Red means stop, green means go, yellow means … watch out for hackers? In the summer of 2014, researchers at the University of Michigan demonstrated that a typical traffic light is amazingly vulnerable to anyone with a laptop and the right kind of radio. Traffic lights in major cities across the USA use unencrypted (unconcealed) internet connections, and almost all cities fail to change default usernames and passwords.
Such vulnerabilities could potentially be used to make sure that a hacker in a hurry hits all the green lights on his way to work, or for more dubious purposes. (Think “The Italian Job”.)
Remember back in the day when the worst issue you could think of in terms of refrigerator “security” was how to protect your Ben and Jerry’s ice cream from being eaten by a sibling? Those days are over (but do go ahead and find a secure spot for that half-full container of Chunky Monkey). According to security firm Proofpoint, in 2014, an internet connected refrigerator was used as part of a botnet attack. A botnet is a group of computers that is being controlled by hackers for malicious purposes. On the surface, the computer seems to be functioning normally. The unwitting user is blissfully unaware of what’s going on internally. In this particular attack, the botnet which the refrigerator was part of sent out thousands of malicious emails.
Then there was the case of the researcher-hacked fridge as part of the exhibits at this year’s DEFCON conference. Held yearly in Las Vegas, DEFCON is where some of the world’s best cyber security researchers and hackers gather to listen to lectures and participate in cyber security related exercises. This exhibit used a Samsung “Smart” fridge that syncs with owners’ Gmail accounts to theoretically help the owner stay on top of daily events from the convenience of their refrigerator door. Hackers demonstrated how the fridge could easily be hacked to expose all of the owners’ Gmail credentials.
Which makes you think that you may be a whole lot safer by opening up your fridge to see if you are low on foodstuffs, and checking your Gmail account the old-fashioned way – from your laptop, PC, mobile phone, or watch.
You would think that the healthcare industry has enough to worry about when it comes to hacks, but things are getting more complicated here too. Indeed, IofT has added another problem to their collection. This past summer, it was discovered that hospital pumps designed by medical technology manufacturer Hospira contain a critical flaw that allows the pumps to be taken over by hackers. The flaw could enable hackers to change dosage amounts remotely, thereby potentially harming any patient using the pumps. (Told you this would be scary.) Hospira has recalled the pumps and they are no longer being sold, but they are still in use at some hospitals and medical centers.
Billy Rios, the researcher who found the vulnerability, said in an interview “These pumps are actually just computers, and so – just as you would take your laptop and join a wireless network, these pumps are on networks as well.” In other words, just like your PC can get a virus if you aren’t careful, so can this type of hospital pump.
Now, before you lose all faith in the wired world and decide to hunker down in a remote cabin in the mountains where nothing will ever be connected to the internet, take solace in the fact that there are a few things you can do to protect yourself and your family from hacks like these to some degree.
The IofT is pretty amazing, but there is a shady side to it all as well. And while there really isn’t much you can do if your traffic lights are hacked, that doesn’t mean you should throw caution to the wind. Protect your home PC with a powerful antivirus software and use common sense when connecting to smart devices. Approaching IoT with both excitement and caution will help you protect yourself, and the people you love.