Internet of Things: Connectivity vs. vulnerability

This article is part of an ongoing State of Innovation series exploring global inventions and innovation trends in 12 key industries.  Download the State of Innovation report on the Information Technology industry now, or download the full 2017 report here.

 

The race is on for innovators to develop methods to thwart the hackers.”

 

The term Internet of Things (IoT) is commonly applied with reference to non-computing devices in the home such as lighting, smoke detectors and kitchen appliances, but IoT also encompasses technologies including autonomous vehicles, industrial control systems (Industrial IoT, IIoT) and logistics management.

Today’s Internet of Things has evolved from technologies that include home automation. In the late 1980s, for example, Echelon Corp., a company founded by former Apple Chairman and CEO Mike Markkula, started to develop systems based on having smart integrated circuits (ICs) and sensors embedded in basic household articles such as light bulbs, which could be controlled and monitored via a wired network. As ICs have continued to reduce in cost and increase in processing power (and given the growing ubiquity of the internet), options and capabilities for such network control have expanded greatly.

But with predictions of 20, 50 or even 200 billion (according to Intel Corp.) IoT devices in use by 2020, data security, privacy and control are major concerns for IoT providers and consumers – just as they are for traditional computing devices. With the increase in data-transfer speed expected from fifth-generation (5G) cellular networks just around the corner, the step-change in IoT usage only increases these concerns. Security issues include:

  • Privacy and Control: Security policies are required to define whether data are owned by the customer or the service provider, and the usage of data collected by IoT devices, including those activated by voice recognition. Devices may not necessarily use a router installed in a user’s home, but may communicate via cellular or other Wi-Fi networks without the homeowner being able to control or monitor network access. Regulatory standards also must be developed for auditing, compliance and legal evidence requirements, and one important issue is how to manage change of ownership; e.g., for a house with dozens of embedded devices that won’t be taken to a user’s new home.
  • Compromised access: Multiple devices with insecure, unsophisticated and/or outdated embedded operating systems increase the risk of security vulnerabilities, as does the tendency for users to use the same login details across multiple applications and devices. Hacked IoT devices could be used to compromise cloud/network servers, as in one recent case where an internet-enabled heating, ventilation and air-conditioning (HVAC) system was the initial entry point from which hackers gained access to customer payment data.
  • Malicious attacks: The use of multiple IoT devices to launch Distributed Denial-of-Service (DDoS) attacks has already been reported. Malicious attacks on IoT systems could endanger safety, e.g., hijacking of autonomous vehicle controls, or cause financial disruption, e.g., industrial production halted by ransomware. Installations such as water supplies or power stations are high-profile potential targets for such attacks.

 

Innovations in IoT security protection

However, it’s not all negative news on the IoT security front. IoT-related Intellectual Property (IP) developments in 2017 include patents issued by major corporations such as Intel, IBM, ARM and McAfee on topics including security policies for controlling access to resources and data associated with IoT devices, malware detection, user authentication and software management. Patents also cover details of encryption, time-stamping of transmitted data, and the infrastructure used to connect IoT devices to cellular networks. The race is on for innovators to develop methods to thwart the hackers.

Individuals and businesses may take extra precautions such as personal insurance policies to at least mitigate the effects of being hacked, but the benefits and convenience that the IoT can provide will be far too tempting to not be a part of.

Consumer demand for much greater interconnection of devices is sure to increase. In the home, IoT connectivity will enable appliances such as coffee machines, washing machines and air-conditioners to be monitored and optimized for efficiency, and more importantly, sensors will enable and improve remote monitoring of people’s health. Businesses will be able to optimize supply chain and inventory processes, and government organizations can optimize services based on data generated by citizens’ activities.

To learn more, read the State of Innovation report on the Information Technology industry or download the full 2017 report here, which showcases latest inventions from around the world and focuses on trends in the top 12 industries.