Internet of Everything Is Hackable

Still in its infancy, the Internet of Everything, aka IoE (the interface of our things with data, people and process) is already being threatened by hackers. While Cisco has predicted that 25 billion units of things will connect to the Internet by 2015 and will double in five short years, this rapid growth has given pause to reflect on the perceived risks.

HP in the fray. . .

A recent analysis from Hewlett Packard notes that 70 percent of the most commonly used Internet of things devices contain vulnerabilities which highlights password security, encryption and personal data issues being the most noticeable.

As manufacturers are in a frenzy to get their Internet-ready products to market, the study elaborates further that doors have been opened to threats of code vulnerability and denial of service attacks based on weak passwords. 

Having their own 'dog in the hunt,' HP used recently its 'Fortify to Demand' product to scan 10 of the most popular IoE products, uncovering 25 vulnerabilities per device. The 'things' tested included TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers.

"While the Internet of Things will connect and unify countless objects and systems, it also presents a significant challenge in fending off the adversary given the expanded attack surface," says Mike Armistead, vice president and general manager, Fortify, Enterprise Security Products at HP. "With the continued adoption of connected devices, it is more important than ever to build security into these products from the beginning to disrupt the adversary and avoid exposing consumers to serious threats."

Medical Field not equipped. . .

Following up on Armistead's point, it's important to anticipate these vulnerabilities before they actually become threats that affect our daily lives.

The US FDA recently issued a warning pertaining to threats in the medical field, stating that it has identified more than 300 medical devices which are at risk of falling to cyber attacks, including insulin pumps, implantable cardioverter defibrillators, anesthesia devices, drug infusion pumps, ventilators, and pacemakers.

Jay Radcliffe, a security researcher who happens to be diabetic, made headlines a few years ago when he discovered that his computerized insulin pump could be attacked remotely. According to his report, a hacker with ill-intent could have easily changed the amount of insulin that he administers daily. As a warning for others, Radcliffe reported in his blog that emerging medical technology is often ill-equipped to deal with threats arising from our newly interconnected world -- and that more attention needs to be placed in anticipating problems before they occur.

Science Fiction is here. . .

While even just a few years back, this type of technology was thought to be way off in the future. After all, the fear of rebellious machines rising up against mankind was the pablum of science fiction and cartoon shows. However, as we're all becoming acutely, the IoE is scaling faster than anticipated -- and the dangers are imminent.

So now that's it's up close and personal, how do we push technological boundaries while mitigating risks. If you're elated about the promise of a Brave New World knocking on your door, be aware that hackers are equally as excited to tear down what we build up.

IoE needs to be anti-silo. . .

One of the ways to counteract these encroaching risks is to establish IoE standards whereby each manufacturer follows specific established hardware and software guidelines used in all IoE products going forward. Without this consistency in specs, manufacturers would be operating in "silos" versus collaboratively. This not only confuses the consumers in the short-term, in the long-term various products will become stand-alones, unable to be updated. With consistency across product-lines, it will be easier to surface vulnerabilities and determine best practices to counter-act their encroachment.

As IoE progresses, software updates need to be universal as well, so that all of our connected devices can be attended to in an intuitive and consistent manner. The worst thing to happen is to one day wake up and learn that our smoke alarm is no longer talking to our Google Adwords account -- a future problem that could be equally as bad as having hackers hacking into those areas -- or, is it?
Jul 31, 2014
by Anonymous

Knew it, thats what I

Knew it, thats what I suspected from IoE, hacker gets in & ruins your Jetsons style home in miliseconds, & nothing gets done, Scary.
Need redudunt systems or super codes to IOE.