Who doesn’t love shiny new tech? As the prospect of a world where you’ll be driven home — in a driverless car — to a house controlled by your smart phone becomes increasingly realistic, it’s hard not to get excited. However, before we get swept up in the possibilities of an increasingly smart world, maybe we should pause and consider the security implications of technological developments. And what better time to reflect on this than during European Cyber Security Month? This year’s campaign, which is running throughout October, is putting emerging technology in the spotlight, so let’s look at some of the dangers that we need to consider.
In terms of emerging technology, one of the biggest developments over the past few years has been the rise of the internet of things (IoT). From voice assistants to smart thermostats, there are now over 7 billion connected devices in use worldwide. The problem with these gadgets, though, is that while their array of sensors and web of connections make day-to-day life easier, they also represent an enticing target for hackers.
IoT devices share a host of data with various third parties, and these transfers have repeatedly been found to be insecure. For example, a few years ago an interactive Barbie doll was hacked, and security researchers were able to find out the owner’s address, break into their Wi-Fi network, and access the toy’s audio recordings. The issue is that IoT devices run on a variety of different operating systems, which renders it difficult to develop universal anti-virus software. Furthermore, although security can be improved in new hardware, there are still billions of older gadgets in use, and the majority of consumers do not regularly update their device’s software, meaning the network remains structurally vulnerable.
Is the thought of secret spy dolls hidden in your lounge scary enough for you? How about hackers at the wheel of driverless cars? Autonomous vehicles are expected to roll out across the world in the next five years, but there remain major concerns about how secure these cars will be. Indeed, in 2015 Fiat Chrysler had to recall 1.4 million Jeeps after it was found that the vehicles could be hacked remotely to allow access to the accelerator. A recent study by the Georgia Institute of Technology found that hackers would only need to compromise 20% of the cars in New York in order to bring the city to a total standstill.
The principal motivation for potential hackers would likely be money, and there are many ways that cars can be exploited for monetary gain. Just like IoT devices, automated vehicles share information with each other and maintain connections to infrastructure such as toll booths. This could allow hackers to access payment details through the car’s systems, compromising vehicle after vehicle. Digital keys could also be hacked to facilitate car theft, or GPS could be used for stalking. To prevent these problems, automotive companies will need to constantly update their security software, while some have suggested that limiting the number of vehicles operating on each network would minimize how many could be compromised in one attack.
As technology becomes increasingly integrated into the physical world, the threats that were previously contained within computers are beginning to creep out into the real world. Our security measures must keep up.