Internet of Things: the future is smart but is it safe?

Connectivity between televisions, cars and a multitude of other electronic devices is about to take off, making people's lives much easier, but as with any technological step forward, the hackers could already be two steps ahead.

Internet of Things is a network of physical ‘things’ embedded with electronics that connect, collect and exchange data. It’s advent, however, is raising security concerns about the tech-driven nightmare it may unleash on  an unsuspecting public vulnerable to cyber attacks. Ed Jones / AFP
Powered by automated translation

Internet of Things (IoT) technology will connect us like never before, but the cost to our privacy and security remains to be seen.

Imagine a world where parking spaces know when they are free and tell your car how to get to them – or where your TV is so smart you can ask it to suggest some movies for the evening.

Or how about a world where your location is known every moment of every day and where your TV can report everything it hears, but you have no idea who is listening in?

In fact, they are the same world – and it is one rapidly taking shape right here and now.

The driving force is what may prove to be the most deceptively innocuous-sounding revolution in history: the Internet of Things (IoT).

As a buzzword, the IoT does at least have the benefit of being simple and accurate. It’s precisely what it says: a global network of things ranging from lights and locks to cameras and cars, fitted with microchips and software so they can talk to each other.

The impact of such connectivity beggars the imagination, and so does its commercial potential.

Both will dominate this year’s Gitex, the Gulf IT exhibition being held this month at Dubai World Trade Centre.

Keynote speakers have been lined up to describe their vision for “smart cities”, where items including home entertainment and fitness “wearables” to cars and traffic lights will be tied together in “data-driven relationships”.

It’s a vision that has sparked the imaginations of civic planners around the world.

South Korea has created Songdo, a smart city south-west of Seoul, that is already showcasing IoT tech, from interactive TVs to automated trash tracking.

In April, India gave the green light to the contribution of 100 smart cities across the nation over the next five years.

If you cannot wait for the future to arrive, just stay put: last year, the GCC announced that Dubai will be the world’s smartest city by 2017.

And the plans are on track. Just last month telecoms provider du successfully tested the first IoT network in the Middle East.

This will allow battery-powered wireless gadgets to exchange data with each other, opening the way to an IoT connecting a vast array of smart city tech, such as intelligent, energy-saving street lights and parking sensors that will flag up available spaces to drivers in real time.

The first phase of Dubai’s IoT will be rolled out in the first quarter of next year.

But that is just the start: du has made clear its determination to make the entire nation smart within a year or so.

There can be no doubting the company’s ambition, nor its focus on using the technology to make Dubai an easier place to live. And to IoT evangelists, it’s simply the next step in our technological evolution.

First came the internet in the late 1960s, which for anything other than simple messages was slow and clunky. Then came the World-Wide Web in the early 1990s, which made the whole messy problem of data exchange between computers so user-friendly anyone could do it.

Next came the cloud computing revolution, that allows us to access whatever we want from wherever we are, whenever we like.

Now, the IoT completes the process, extending the connectivity we have with computers to everything else.

But within the IT community there is growing concern that this is a dangerously complacent view. And they are warning we may be sleepwalking towards a tech-driven nightmare.

The focus of the concern is security. No surprises there; from stolen memory sticks to database hacking and viral infections, every advance in IT has exposed us to new threats.

The concern is that with the IoT these vulnerabilities are being taken to a whole new level. That is because while the devices being connected might be smart in name, the software they run is anything but.

We have all grown used to switching on our laptop, tablet or smartphone and waiting for the latest software patches to upload.

It is annoying, but it is the price we have to pay to stay safe from attacks by cyber criminals. Even then, it doesn’t always succeed – but at least we can isolate the problem and deal with it.

That is not possible with the IoT. Security experts are warning that “IoT-ready” devices are achieving ubiquity by reliance on cheap, outmoded software that can’t be updated easily – or even at all.

This year, Deepak Taneja, of IT security company RSA, warned that the headlong race to roll out the IoT is turning it into “a timebomb”.

His concerns are echoed by the internationally respected IT security expert Bruce Schneier, who estimates that the IoT already has hundreds of millions of insecure devices, waiting for someone to discover their vulnerabilities.

In short, the IoT is giving hackers hundreds of millions of trapdoors into our lives. And they are already using them.

Top of their hit list are routers, the devices that act like post office sorting clerks, taking incoming data and passing it on to the right recipients.

By targeting vulnerabilities in their software, hackers have already found ways of seizing control of the devices they connect.

Last month, US security consultancy company Rapid7 reported that tests of several popular web-connected baby monitoring cameras were vulnerable to basic hacking techniques.

As well as seizing control of the cameras for remote spying, criminals could use the cameras to hack into computers connected to the same network.

The report follows revelations that smart internet-connected TVs made by Samsung not only respond to voice commands but can transmit whatever their microphones detect across the internet for remote processing.

The story sent commentators scurrying for their copies of George Orwell’s dystopian novel 1984, which describes “telescreens” that pick up anything said above a very low whisper and report it to the Thought Police.

Not surprisingly, civil liberty groups are also concerned about the power of the IoT to command and control us all.

But even those living under the most benign regimes need to ask questions about the IoT. Industry reports estimate that within five years it will consist of 10 times as many devices as there are humans on Earth.

In kicking open the door to this technological wonderland, IoT companies need to assure us they know who’s rushing in behind them.

Robert Matthews is visiting professor of science at Aston University, Birmingham, UK