Views and announcements

IoT cyber-security is a serious problem that needs real solutions

  • It seems like a few years ago everyone was talking about the Internet of Things, the rapidly growing number of small internet-enabled smart devices that were starting to pervade our lives. While it may no longer be the hottest buzzword, the number of smart devices and pieces of industrial equipment accessible via the internet has reached record levels.

    Most IoT devices are small proprietary pieces of hardware with limited memory capacity and few cyber-safety standards, and that poses unique challenges when it comes to security. I found out more about the topic of IoT security at a recent Belfast Met event featuring expert analysis by Dr. Áine MacDermott of Liverpool John Moores University.

    The Internet of Everything

    The term Internet of Things often conjures up images of smart fridges and lights you can switch on and off from a mobile phone app, but it includes millions of devices that you might not consider. There are now millions of internet-enabled pieces of robotic machinery for manufacturing, internet-enabled locks for buildings, small sensors, and autonomous drones.

    It's no surprise then that people are starting to think the term "Internet of Everything" may be more appropriate, though more people are talking about "Industry 4.0" as the automation benefits of IoT devices are continuing to revolutionise industry. Large-scale agriculture now involves countless connected environmental sensors and autonomous drones for monitoring conditions, for example.

    IoT has applications in the social progress space too, with innovative new applications currently being researched such as sensors in the home to keep tabs on vulnerable adults and watch patients after they return home from hospitals. The rapid advancement of connected medtech wearables also has real potential to revolutionise healthcare and improve lives.

    IoT security is a real problem

    With all the potential of IoT devices to improve our lives, the rapid proliferation of small connected devices has presented a unique set of security concerns. Many IoT devices have poor or no security, and we discovered the scale of this problem last year when the Mirai malware worm was released into the wild and turned millions of IoT devices around the world into one colossal bot net.

    Cyber-security expert Dr. Áine MacDermott from Liverpool John Moores University spoke at length about the growing IoT security concerns in the face of emerging technology. Millions of us now have smart speakers such as Amazon Alexa in our homes, and a security vulnerability in anything connected to your network could give hackers access to spy on you.

    Your personal data is at risk

    We live in a world where your personal data is routinely leaked in data breaches and misused by both companies and hackers, and the consequences of losing access to your personal data may be more dangerous than most people realise. One Amazon Alexa user recently discovered the scale of the issue when he requested Amazon send him his alexa data and got someone else's instead.

    A German tech magazine got a hold of the recordings and was able to piece together details about the user's life and figure out who it was, and recent research suggests that even access to seemingly innocuous data could be just as serious a data breach. Research using datasets from IoT electricity usage sensors has been able to use deep learning to identify behavioural patterns in users and deduce their daily routines.

    AI and deep learning technology isn't going away, and uses such as these do have the potential for incredible benefits to the elderly and disabled, but it also has devestating potential for abuse if the sensor isn't secured. Many IoT devices on the market today ship with identical default passwords, communicate with servers without using any encryption, and don't have systems built in for updating when security vulnerabilities are discovered.

    What should companies do?

    The biggest thing I took away from Dr. Áine MacDermott's talk was that the scale of IoT adoption is still rapidly on the rise, and IoT security is a growing concern. Companies installing IoT devices should consider how much access the device has to its network to limit the fallout in the event of a breach of security, and firms creating IoT devices will have to make security a priority

    The new GDPR legislation has imposed additional restrictions on how data is used. It also imposes financial penalties for personal data breaches that could cripple small companies if they don't take the time to consider the security of their connected devices. Data from sensors, microphones, and other small devices can be used to track and identify users and may be considered personal information.

    I'd like to thank Belfast Met and Dr. Áine MacDermott for hosting this interesting talk. You can follow Dr. MacDermott on twitter over at @ainemacd or drop her an email at Stay tuned to the Sync NI events page for more events from Belfast Met featuring local experts from across the tech industry.

    About the author

    Brendan is a Sync NI writer with a special interest in the gaming sector, programming, emerging technology, and physics. To connect with Brendan, feel free to send him an email or follow him on Twitter.

    Got a news-related tip you’d like to see covered on Sync NI? Email the editorial team for our consideration.

    Sign up now for a FREE weekly newsletter showcasing the latest news, jobs and events in NI’s tech sector.

Share this story