White House senior counselor Kellyanne Conway made headlines in March when she described electronic surveillance performed by microwave ovens.
“You can surveil someone through their phones, certainly through their television sets—any number of ways,” Conway told the Bergen Record. “We know this is a fact of modern life.”
While Conway’s example of “microwaves that turn into cameras” was widely debunked, her broader point rings true with internet security experts. Household objects, such as smartphones, video games, security cameras, fitness bracelets, thermostats, and even your TV, are increasingly interconnected in what is known as the Internet of Things or IoT, so dubbed by Peter T. Lewis in 1985.
The term refers to anything connected to the internet. Today, you can purchase light bulbs that dim with the sound of your voice or from the press of a button on your smartphone. You can start your car remotely. A 2014 report by the investment firm Goldman Sachs predicted the number of internet-connected devices could grow 10 times by 2020, to as many as 28 billion “things.”
Low prices vs. security
Lower costs with ramping up this high-tech revolution can make life more convenient, fun, and even increase energy efficiency with new ways to control heating, cooling, lighting, and the many other uses of electricity.
“The cost of including communications in the devices has come down dramatically. Twenty years ago, you could only afford an ethernet port or Wi-Fi in a computer,” says Tim Heidel, deputy chief scientist with the National Rural Electric Cooperative Association (NRECA). “Now, we’re getting to the point where it costs literally only pennies to include that capability in any device imaginable.”
Heidel continues, “So what’s changing here is the number of devices. Once you have a critical mass of all the places that are capable of communicating, they can then start communicating with each other. All of this promises convenience and services, but in the pursuit of extremely low costs, sometimes there’s the opportunity to cut corners on security.”
A stunning example happened last October when hackers crashed dozens of websites in the United States for most of a day, including well-known names like Netflix and Twitter. Incredible as it seems, that attack may have been aided by a device in your own home.
Hackers had already scanned the world for devices vulnerable to infection by malicious software that allowed them to take control of hundreds of thousands of home routers, baby monitors, printers, and network-enabled cameras. Using that “botnet,” the hackers flooded websites with so many messages the sites shut down for several hours in what is called a “Denial of Service” attack.
Think of those interconnected devices as computers, says Chris Hayes, chief technology officer for the Kentucky Association of Electric Cooperatives. Unprotected, cyber criminals can use these devices as a way into your house where they can compromise other network devices.
“Much like buying a new car, consumers need to understand the safety and security capabilities and maintenance requirements for devices they purchase,” Hayes says.“Cyber criminals quickly adapt to new methods of attack, and exploit unpatched software. So, it is important to regularly maintain your devices.”
This doesn’t require new brakes or an oil change, but it does require regular updates to software/firmware and security maintenance.