Consumers who buy internet-enabled devices such as fridges, doorbells and TVs are leaving themselves exposed to hackers who could use them to gain access to their personal data. Many household appliances can now be linked up to the internet to help streamline the home. Fridges can provide reminders of when to buy milk, while televisions can offer advice on what programmes to watch. However, the 'internet of things' is also leaving people vulnerable to online attacks.
Cyber criminals take advantage of flaws in online security and all new appliances, capable of being hooked up to the internet, should carry a kitemark rating showing how secure they were. Shodan, known as the google of exploitation, is the world's first search engine for Internet-connected devices and is used to discover which devices are connected to the Internet, where they are located and who is using them. Shodan features many groupings including: Industrial Control Systems (ICS), Video Games, Webcams and many more.
Furthermore, Leaked documents showed that British spy agencies worked with the CIA to turn Samsung televisions and smartphones into bugging devices that can record conversations and even take photographs. In March, the CIA was accused of running a secret computer hacking programme giving its agents access to everyday items including mobile phones, televisions and iPads, fuelling fears among consumers that their gadgets could be used to spy on them.
UK Government announced plans to allow technology firms, such as Google and Amazon, to enter the energy market. Ofgem, the energy regulator, and the Department for Business, Energy and Industrial Strategy, said that they would relax rules which prohibit any firms other than dedicated energy companies from providing gas and electric to British homes. The scheme is designed to save billions in electricity bills – by allowing tech firms to 'disrupt the market' and offer 'time of day tariffs' which would reward homeowners for turning appliances off at peak times. But, as it would be heavily-reliant on internet-connected meters which provide real-time information about energy use, the scheme is likely to raise further questions on privacy and data security amid concern that the smart meters could be hacked.
Online fraud is already the most common crime in the country with almost one in ten people falling victim. More than five and a half million cyber-offences are thought to take place in Britain each year, accounting for almost half of all recorded crime in the country. But only a fraction of offences is reported to the police because victims often feel too embarrassed or believe little can be done to catch those responsible.
The fear around the 'internet of things' stemmed from the fact that household appliances may often be linked to bank details – for example fridges which can automatically order shopping online when it is required. As most modern televisions and computers are fitted with cameras, there is concern that criminals might even be able to spy on people in their own homes.
If all new devices sold were to carry a security rating, consumers would be more informed in terms of how best to protect themselves online. Plans by Ofgem to relax the rules in order to let tech firms introduce new 'smart' tariffs will require millions of homes to be fitted with internet-connected meters. These will transmit information about when a household uses most energy to suppliers, giving them the power to increase bills at busy times.
More articles by James
The Air-Gap Dilemma
QA Cyber Security Specialist, James Aguilan, looks at the methods through which air-gapped systems can be compromised.
26 March 2019Turning an Amazon Echo into a smart home security system
QA Cyber Security Trainer, James Aguilan, looks at how an Amazon Echo can act as the control point for several home security…
05 June 2018Safeguarding your Digital Footprint
QA Cyber Security Trainer, James Aguilan, shares 6 tips that can help you safeguard your digital footprint.
05 March 2018Phishing Campaigns: Defending organisations against phishing
QA Cyber Security Trainer, James Aguilan, argues that understanding how to defend against phishing is of paramount importance…
15 February 2018Most common ways for thieves to steal your cryptocurrency
QA Cyber Security Trainer, James Aguilan, looks at how cybercriminals can steal your coins.
19 July 2018Is Mr Robot a good representation of real-life hacking and hacking culture?
QA Cybersecurity trainer James Aguilan looks at several scenarios featured in the hit US TV series Mr Robot – and how they ma…
19 February 2018How to build an effective cyber defence against polymorphic malware
QA Cyber Security Trainer, James Aguilan, lists three key areas where security efforts should be focussed to counter polymorp…
11 October 2018How do organisations demonstrate accountability for GDPR compliance?
QA Cyber Security Trainer, James Aguilan, outlines steps towards demonstrating compliance with the GDPR.
20 March 2018Cryptocurrency Mining: Does the reward outweigh the cost?
QA Cyber Security Trainer, James Aguilan, looks at the practice of mining cryptocurrency.
27 March 2018Cryptocurrency in traditional crimes
QA Cyber Security Trainer, James Aguilan, looks at how cryptocurrency is used in crimes such as drug trafficking, money laund…
25 July 2018