The number of IoT devices is set to surpass 20 billion by 2020. We take a look at how connected things threaten our security as cybercriminals exploit weaknesses in the smartphones that control them.
From smart fridges to coffee makers and Barbie dolls, connected things will soon fill our households.
Many of these devices are, and will continue to be, accessed via our smartphones. While this is very convenient for users, there are weaknesses in smartphone security that can be exploited to turn smart objects against us.
While many of us are now well acquainted with best practice when it comes to using laptops or desktops, it is easy to be somewhat lax when it comes to our phones.
So, what are the risks?
Smart medical records
Recent years have seen an upsurge in internet-connected medical devices and fitness trackers, many of which feed data to or can be controlled via apps on our phones.
This means that such devices now contain valuable data about our health and wellbeing that are vulnerable to cyberattacks.
IoT objects increasingly rely on smart devices with sensors built in and applications to support them.
The problem with this is that the infrastructure to shore up and support the security of the data being funnelled through our phones simply does not exist yet.
It isn’t just medical data that can be exploited, either.
We increasingly use our phones to access our online banking, to buy goods through consumer websites and to access public services.
The data up for grabs is a goldmine for both identity thieves and fraudsters.
A surge in connected cars, smart traffic management as well as development in appliances we’re familiar with, such as fare payments for public transport, will form part of that IoT revolution.
The downside of smart mobility is that the use of GPS is integral to its functionality – and GPS is seen as an easy target by cybercriminals.
Many gamers, for instance, use it to cheat at the popular augmented reality game Pokemon Go.
Exactly what a cybercriminal could do with data that reveals the location of your car or the last tube journey you took is a chilling thought – as is knowing where you are not.
There could also be wider risks for businesses. Imagine the potential damage if cybercriminals could tap into IoT-based manufacturing networks.
What’s more, smart manufacturing is on the rise as collaboration between man and machine continues to increase.
Manufacturing processes can now be networked to provide greater efficiency as well as real-time diagnostics and rapid response.
However, smartphones could pose a vulnerability.
Company gateways that connect IoT devices to networks are made as secure as the devices themselves. However, the rise of bring your own device to work policies could leave a gaping hole if these networks are accessed via smartphones that don’t have the same security credentials.
Just as we are making our home lives more efficient with the help of connected devices, the cities we live in are becoming smarter as well.
Councils can now use big data to help decide on planning applications, to monitor power usage and even to bolster public safety and emergency response.
While this is all good news, some of the data that is being gathered could be exploited by cybercriminals via our smartphones.
The smarter your city, the more computer systems it has and the more open the access to the data collected by those systems is.
In addition, there can be as many as 25 different sensors in our smartphones, relating to GPS, to cameras and microphones, near-field communication and, in addition to others, gyroscopes.
This is a problem because most mobile apps don’t have to ask permission to access your smartphone’s sensors, meaning malicious programs can covertly “listen in” and steal sensitive information.
It was reported in 2016 that the biggest drawback for consumers looking to acquire an IoT device was the price, with 62% of respondents claiming they were too expensive. As the price drops, and the number of connected devices grows, IoT security becomes even more crucial – and consumers should take it seriously.