It’s easy to get left behind by technology’s frantic march forward. It seems like it’s only been a few years since we started hearing about the coming revolution of the “internet of things”, and that revolution’s already well underway. Everything in the modern home can be connected, from the heating to the light bulbs and even right out to the doorbell. Industrial facilities and manufacturing systems can monitor themselves, adjusting to demand and helping to address issues in real time. Advanced connectivity can enable patients and their doctors to interact at a distance, saving time and money while enabling a higher standard of care. Even traditionally labor-intensive industries like transportation and farming are being transformed by the massive influx of connectivity.
It seems inevitable that we’ll be seeing the internet everywhere and in everything, bringing enormous boosts to efficiency and convenience as connected devices take responsibility for more and more of our daily lives. With voice-activated digital assistants to tie it all together, it seems like the computerized utopias of 1950s fiction are almost in reach. So what could be bad about that?
With this explosion of connectivity comes an explosion of computing devices. Just about all of those smart devices contain proper computers, typically running a stock operating system using commodity hardware. The complexity of that system is hidden away from the consumer, but in principle these devices could be used to do anything that a regular computer could do. They can communicate with servers. They can perform complex calculations.
They can get viruses.
The explosion of IoT products has been paired with a near total lack of good security practices. They advertise their presence so openly that you can find them with a search engine, and they frequently have so few barriers to snooping and remote access that it’s possible to connect and interact with them with no real effort. Even worse, many of them are configured with accounts and settings that are trivially easy to bypass, making it exceptionally easy to alter and take control of them.
All of that’s led to an explosion of devices infected by viral bots, silently pulling them into enormous malware networks that can be used to spread spam, commit fraud, or overwhelm internet services in order to take them down. One of these networks, named Mirai, was used in 2016 in a distributed denial of service attack so massive that it caused huge outages across a number of services, even impacting tech giants like Twitter. According to McAfee, the network had managed to infect at least 2.5 million devices by the end of 2016. The danger posed by these botnets will only increase as the internet of things grows larger, threatening outages and disruption on an unseen scale.
So, is the internet of things good? For now, I think it’s hard to say. The potential for this technology to improve our lives is spectacular, but at the same time, we can’t ignore the unbelievably dire security situation in the IoT sphere and the serious threat that this could pose to the internet as a whole.
Sebastian Whalen, Software Developer Missing Link Technologies ltd.