The Business Insurance Bureau

The Dangers of The Internet of Things (IoT)

Dangers of The Internet of ThingsSo what is “The Internet of Things?”… Basically this term popped up in 2005 and honestly, today there is still no agreed consensus widely accepted about what it specifically is although we can ascribe it to communicative devices as explained below.

The term is associated with products both private and commercial which enable communications with one another to share information, as an example devices which could be considered to be part of “The Internet of Things” would include sensors monitoring stock levels in retail stores, motion activated lighting systems, fridge sensors to tell you your running low on milk.

Simply put the (IoT) refers to devices and sensors which are not smartphones, tablets and computers that allow for the communication of data limited to the gadgets sold to or used by consumers be they public or private.

Key Internet of Things (IoT) Dangers:

Mobile Defences

Given the rise and proliferation of mobile technology it is essential that businesses moving forward incorporate mobile device management and system maintenance ensuring they are kept up to date and secure

Internet of Things Complexity magnifies Cyber Risks

Where there are more networks there will be more risks, currently there are 3 billion smartphones in operation and since 2005 the rise of IoT devices has already surpassed 8 billion devices.

Not just Data at Risk

It would be easy to forget public services like Water, Sewage, Traffic Light Management & GPS Tracking devices could also be affected by hackers, as networks expand they combine, where they combine, the risks exponentially increase across the board

Let's talk about a Listening Barbie

Internet of things spying barbie dollEver heard of Barbie?…

  • Did you know Hello, Barbie recorded every sound going on round about it?…
  • Did you also know every single one of these recordings were sent across the oceans to private firms in America?…
  • Did you know these recordings could be used for an entire range of purposes?…
  • That’s right that bedtime story you told your children, Recorded…
  • That chat with your other half about life, Recorded…

Did you know an Expert all the way back in 2015 said these dolls could be hacked to effectively spy on families.

In 2015, an expert claimed Mattel’s Wi-Fi enabled Barbie can be hacked and the toy could even act like a surveillance device by listening into a family’s conversations. This follows on from the news that a hacker obtained photos of children and chat logs from toymaker VTech, which makes electronic learning devices.

The doll connects to the internet via Wi-Fi so it can search responses to questions via software company ToyTalk.

Let's talk about Google's Listening Teddy Bears

Never far from innovation we find Google at the forefront whereby in 2015 they secured a patent for teddy bears and cuddly rabbits to watch children and adults so they could hear everything said within the area.

No content with just listening privacy campaigners were outraged that not only were there microphones within these toys but also speakers and camera’s, now while the intent behind these toys were to provide an fun and friendly face for our children to play and learn with the overarching privacy concerns are well beyond what a simple childrens toy should ever raise. Read More

The toys, dreamed up by Google’s secretive R&D division, have captured the attention of privacy campaigners, because they contain microphones, speakers and cameras.

The toys also feature motors to change their facial expressions and have the ability to connect to the internet.

Google’s patent suggests the ‘toy’ would listen for a trigger word and upon hearing it, would turn to face the speaker.

Using cameras, it would check the person is making eye contact with the toy, the BBC reports

Making it Cheaper, By Doing it Right™

Submit a message with any questions you have about this insurance product below:

Let's talk about Hacking & The Internet of Things for a moment...

Obvisouly the security concerns regarding the transmission of data are numerous and massivley impactful in many ways, so let’s look at some of the dangers of these devices and what the future may hold in store for all this communication of information.

Fiat's Remote Control Car... Not Quite...

Fiat Chrysler had to recall 1.4 million vehicles after a flaw would found which would allow anyone with the knowledge to be able to remoteley control steering and braking effectivley turning your new shiney car into a glorified remote control risk with you and your family inside…

Distributed Denial of Service Attacks (DDOS) & Botnet's

One of the biggest problems with IoT is that there is an exponentially growing amount of these devices and these can and have been used in the past to commit Cybercrime.

Now botnet’s are no new entry they have been around with us since early 2000 and allow the inclined to leverage entire swathes of computers to do their bidding, however the sheer scale to which these attacks can be performed using these devices grows every single day as more and more devices are created and brought into service.

The market has been flooded with inexpensive devices like webcams, baby monitors, thermostats, and yes, even yoga mats and fry pans that connect to the Internet, each of which has its own IP address.

But these devices have little or no built-in security, and even when they do, users in some cases don’t even take steps of setting a passwords for them to secure them.

That makes them easy targets for hackers wanting to create and use a botnet for whatever purpose they have in mind…

Examples of Distributed Denial of Service Attacks:

Dyn Attacked

On 21 October 2016, the DNS provider Dyn, experienced a massive DDoS attack and initially claimed that the attack originated from tens of millions of IP addresses around the world (Sophos NakedSecurity referenced Mirai’s source code to challenge that claim). A later update from Dyn, noted that malicious endpoints were actually estimated to be around 100,000.

The attack caused issues to certain users trying to reach popular websites such as Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix throughout that day. Read More

Krebs on Security

On 20 September 2016, “” became the target of a massive DDoS attack that eventually knocked the site offline. The site was initially protected from this attack by Akamai, the website’s digital security service provider.

The company decided to withdraw its pro bono protection shield, since the magnitude of the attack (approximately 620Gbps) was too vast to bear it without affecting other customers. Akamai’s analysis indicated the use of a large botnet of compromised IoT devices.

Upon Akamai’s protection withdrawal, the website went offline until Google offered its DDoS attack mitigation service, Project Shield, to revive it. Brian Krebs provides more information on the attack through his Read More.

I don't need to Worry the Law has me protected...

In almost all cases you are correct, but remember many of these devices just by you purchasing them is an unspoken agreement and consent about what these devices will actually do.

By utilising or simply purchasing them you may well give license to a company to harvest all kinds of private data about yourself and those around you.

Final Thoughts

Moving forward there is no abating technology and the influence they have in our lives, every day we engage with devices for a multitude of reasons but in thinking about privacy and your home life please be aware of the dangers such devices can have and the uses you need them for.

If you think you have enough technology 

Read More from Sources: 

Dailymail, Enisa, Forbes