The Complications of Connectivity Creep
IoT devices have proliferated exponentially in recent years, becoming our assistants at work, at home, at play, on the daily commute, in healthcare, on our travels, and numerous other areas. Use of smart locks, doors, thermostats, refrigerators, baby monitors, security cameras (including nanny cams), toys, sneakers, and pet trackers is commonplace.
While many smart devices have brought an extraordinary degree of convenience, accessibility, comfort, and organization into our lives, making day-to-day life a whole lot easier, it's important to weigh the benefits and risks of IoT and find the right balance. It's not a good idea to allow smart devices to run our lives completely.
Smart devices are not perfect or guaranteed to deliver only positive results. They come with risks and drawbacks — any digital device can malfunction and anything connected to the internet can be hacked or stop working if the internet connection fails.
With some smart devices, a failure will not affect your security or privacy, or cause great inconvenience. For example, if your smart sneakers fail to lace themselves, you can lace them up yourself, provided they can be handled manually. Some can't, which would be more than a bit inconvenient if you don't have a spare non-digital pair.
And what if your smart thermostat stops functioning or a smart door or lock fails due to loss of connectivity, an attack, or for some other reason? A thermostat that cannot be manually operated can make your home environment very uncomfortable, and you would be locked in or out if you cannot manually manipulate your "smart" door lock.
Convenience (or lack thereof) is one thing, of course. The safety and privacy concerns that come with unbridled connectivity are even more serious.
Should Everything Be Connected?
Connecting all, or even most of, our everyday gadgets to the internet effectively means we increase our attack surface. The more dependent we are on connected gadgets, the more vulnerable we become. Threats to personal safety and privacy increase with increased dependence on smart devices. We give cybercriminals more gateways to attack us.
Total or near-total reliance on smart devices generally also means handing over a wealth of personal data — and sometimes not even for very much return. It's far from the case that everything that can be connected needs to connect in order to function better.
It's become easier than ever to click next on broadly-written user agreements, but we need to find a balance between convenience and capability on the one hand, and privacy on the other. The ideal situation, of course, would be to retain control of our personal data and get the benefits of connectivity at the same time, but privacy protection is already something of a heavily besieged battleground.
There are other negative effects: We're biologically designed to crave contact with other people and immersion in nature. Over-dependence on smart devices deprives us of both direct contact with natural environments and direct contact with other people, weakening fundamental living skills. Social disconnect can affect mental health and lead to low self-esteem, depression, and other issues.
It's OK to Be Unplugged
Most devices can be made "smart," but it's not necessary to have a life brimming over with smart gadgets. Some connected devices are quite useless and a waste of money. Do you really need a smart egg tray to remind you that there's just one egg in the refrigerator? Most of us can easily open our refrigerator and find out.
There arguments in favor of other connected home gadgets are equally dubious. Most of us probably don't really need smart toilet rolls that order toilet paper automatically, or smart wine aerators, smart salt shakers, or smart toothbrushes either.
Some IoT devices, such as smart toys, can pose a serious risk to security and privacy of children and their families. If a smart toy is not protected with adequate security controls, anyone can access information about the child and parents when the toy is online. Hackers can snoop on communications and steal personal information and use that to access other devices.
Security experts recently discovered that Mattel's popular interactive doll Hello Barbie could be hacked and its microphone misused by attackers to spy on children. Similarly, digital cameras, including nanny cams, and baby monitors, can be avenues to unsuspected and illegal surveillance. Another toy vendor, VTech, experienced a data breach a few years ago, resulting in personal information on millions of children and adults being stolen.
Bright Ideas We Should Probably Rethink
Many expect entire traffic grids to be fully connected in the near future, meaning that millions of vehicles on the streets would be linked to each other. This could potentially make it possible for cars to independently select optimal travel routes and also enable vehicles to avoid collisions. It doesn't take much imagination, on the other hand, to envision potential misuses of such technology.
We also need to be particularly wary of IoT devices in data-intensive areas such as healthcare and legal and government records. Protecting the privacy of information that we freely share — such as credit card numbers — is already a nightmare. Imagine that potential for mischief and malfeasance regarding data that is conceptually intended to remain largely private.
We aren't just dealing in spooky hypothetical, either: Attacks have already demonstrated that bad actors can remotely control the operation of various vehicles. Chrysler had to recall more than a million Jeeps after security experts exposed a vulnerability that hackers could exploit to take control of the vehicle.
It's not just fear of having the steering wheel taken out of your hands, either. Many connected cars have voice assistants and GPS. If a hacker manages to access onboard software, he can turn on a microphone and record conversations, or steal other information, without ever actually disrupting normal operations.
California-based Consumer Watchdog reports that dangers associated with connected vehicles are rapidly increasing as more and more IoT-integrated vehicles take to the roads. Consumer Watchdog suggests that a large-scale cyberattack against IoT cars could result in large-scale human casualties: Since many smart cars use the same software, one exploit could cause thousands of cars to malfunction simultaneously.
Consumer Watchdog and others are already calling for automobile manufacturers to incorporate a "kill switch" that would enable vehicles to be taken offline when necessary. To date, Tesla, Daimler, GM and other auto manufacturers have disclosed potential cybersecurity risks.
Connectivity Can Be Both Beneficial and Harmful
The advent of the IoT in healthcare has extended the reach of physicians beyond the confines of a healthcare facility. It's easier than ever before to treat and monitor patients. It's also more crucial than ever before to consider the risks related to connected healthcare devices, particularly those that are wearable or ingestible.
Concerns about medical wearables and ingestibles are primarily about the user's security and privacy. Wearing or ingesting smart devices that are not sufficiently secured can result in loss of confidentiality of personal health information.
According to IEEE, there are serious security implications associated with ingestibles. If an ingested device malfunctions, of course, it could cause physical harm to the user. Secondly, the owner of the digital device in the patient's body will have control of the device.
The patient in this scenario is the owner of his (or her) personal health information, per regulations like HIPAA and GDPR. Would he (or she) have exclusive control over data if the owner of the device is an entity other than the patient? Also, what if the owner wanted to remove the device? Would the patient be subjected to an unintended medical procedure?
Connectivity is also deeply entwined in the operation of public utilities, such as water works or the power grid. An attack on weak points here could also have dire consequences, including endangering peoples' lives.
According to Gartner, the number of IoT devices is expected to touch 20.4 billion by 2020. IoT technology has brought us many conveniences and improved productivity. Going ahead, we can expect many other useful innovations. As consumers, we need to ensure that we only use smart devices that are properly secured. It's especially important to have robust security controls for connected devices in the areas of home security, patient health, transportation, and public utilities.