The expansion of the Internet of Things, or IoT, has forced consumers to increasingly rethink the safety of everything they own, from cars to toasters.
In 2015, a pair of security researchers wrecked the nerves of connected-car owners when they remotely hacked a Jeep Cherokee’s internal computer, cutting the brakes, manipulating its onboard systems and otherwise causing chaos as the vehicle barreled along in traffic. This mischief was made to answer a burning question that long represented a growing concern: Are cars getting more hackable? And how n carlsongerous could this be?
The subsequent headlines were fairly sensational, playing to anxieties about rapidly emerging technologies. More level-headed industry analysts, however, jumped in to remind readers about some important details.
The hackers in question prepared their attack for more than a year, and these preparations required physical access to the vehicle, which they owned. It’s unlikely, the argument goes, that real-world cyber criminals would undertake such endeavors, particularly when much easier hacks carry much greater incentives.
Still, the Jeep hack points at a broader area of inquiry within recent cybersecurity research. Of all the internet-connected devices falling under the umbrella of IoT, which ones present a realistic security concern? Is it all just hype?
In a recent blog post, Dark Reading took a stab at separating fact from fiction, focusing on several specific categories of connected devices. Among the conclusions:
- Smart car systems: The physical access required for the Cherokee hack indicates a huge limitation that stands in the way of most of these kinds of attacks.
- Smart home devices: While most hackers would not undertake the effort to take over entire home systems, cybercriminals are quite fond of hacking smart home devices and using them to build botnets, which they can use for other purposes.
- Medical devices: Running embedded versions of Windows and Linux, smart medical devices have already been hacked for ransomware in the real world. This threat is very much in the here and now.
- Utilities: Concerns about a takeover of the grid may be overblown, largely because it would be difficult to coordinate. Hackers, however, have made successful intrusions into several utilities operators’ systems, so this threat can’t be dismissed out of hand.
Ultimately, the media may be guilty of some hyperbole in the area of IoT security, but this area of emerging technology has very real risks.
If your organization makes use of modern smart devices in your business operations, make sure you are properly assessed for risk. Contact Lunarline today to learn how we can help.