Is the rise of connected devices bad for business?
CES 2017 is now over, yet in just a few days it managed to chart the technology roadmap for 2017. As with every year, CES has a smattering of awful creations alongside impressive advancements in the general markets of TVs and laptops. However, this year saw a surge of IoT and connected devices capture the imagination of this year’s attendees.
At CES, we were invited to imagine a connected world where you wake up in the morning on a bed that automatically adjusted to your shape during the night, or raised your partner’s head slightly because it noticed they were snoring. A coffee maker sits on a kitchen bench, ready with your morning caffeine fix just the way you like it. The smart toaster has your breakfast on the go, as your smart hairbrush berates your brushing technique while you get ready for work. Before you leave the house, you grab your anti-pollution smart scarf and yell at your AI-driven vacuum cleaner to get to work.
The Las Vegas-based tech event showed us there’s a device to make almost every part of our lives “smarter”, and, undeniably, these products have the potential to make a positive impact on daily life. But as we invite an increasing number of connected devices into our home, we could be creating more and more doors to our personal data, in areas they could never have existed previously.
The harsh reality is that, for these devices to work, a degree of personal data must be handed over. For example, to use the Sleep Number 360 bed developed by Simba, you’re required to use a mobile app running a personal profile that holds your name, email address and any other data you decide to provide. Soon, a date of birth could be required just to have a good night’s sleep.
“For these devices to work, a degree of personal data must be handed over.”
If 2016 has taught us anything, it’s that there are no guarantees your data will be safe. Yahoo, TalkTalk, LinkedIn, Tesco Bank, and Dailymotion are just some of the recent hacks that collectively led to the loss of billions of user details. But with the idyllic example hinted at by CES 2017, the sheer volume of personal data collectively locked away could be huge, all contained within worryingly insecure smart devices.
Aside from the problems of data theft, the relentless pursuit of a “connected everything” facilitated a surge in the number of distributed-denial-of-service (DDoS) attacks against businesses in 2016. IoT security is still substantially lacking and, thanks to a general use of default login credentials and a lack of knowledge or responsibility on the part of the user, hackers have been able to exploit the collective bandwidth of IoT devices to create massive armies of botnets, capable of bombarding single targets with cripplingly high volumes of traffic. DDoS attacks like these are worryingly simple, as they don’t require a network breach; instead, they use code and credentials that are openly available online.
As the number of IoT devices increases in our homes, the bigger the gold mine gets. In 2016 we saw the deployment of the Mirai botnet, resulting in a co-ordinated assault on Dyn servers and a massive internet outage affecting the likes of Netflix, Reddit and Twitter. These attacks were some of the largest in industry history, and they’re only set to increase as domestic IoT devices become more popular.
Unfortunately, users won’t necessarily know if their device is part of a zombie army of infected drones. Unlike PCs, which often slow down or crash when infected, IoT devices are designed to run without human interaction and performance is generally consistent despite the presence of malware.
There are clear differences between the priorities of businesses and the everyday consumer and this, according to Aapo Markkanen, principal analyst at Machina Research, is fully exploited by the consumer tech industry.
“In enterprise space, especially in the industrial IoT, the benefits of investing in security and taking it seriously are fairly tangible for suppliers,” says Markkanen. “On the consumer side, the outlook is very different: the customers don’t see security a high priority, so the product makers and their suppliers can afford to cut corners.”