The Internet of Things (IoT) began in 1982 when a graduate student connected a vending machine to a computer network. Almost 40 years later, there are an estimated 50 billion connected devices according to the SafeOwl. By 2025, there could be one trillion devices in use. The IoT professional services market is projected to grow from $79 billion in 2018 to $189.2 billion in 2023.
Connected devices have revolutionized our personal and business habits. However, in creating a more connected world have we created a monster?
Computer security expert Mikko Hypponen compares the IoT to asbestos. "At first, it seemed to be a miracle material; years later it turned out to be a carcinogen, destroying lives and businesses." According to Hypponen, eventually anything that uses electricity will be online. This connectivity is dangerous to privacy and security. In 2014, HP reported that 70% of commonly used IoT devices were vulnerable to cyberattacks and breaches. Vulnerabilities have been found in "smart" TVs, webcams, doorbells and even light bulbs. A survey found 63% of consumers distrust IoT devices, and 28% would not buy a smart device because of security concerns.
Government is taking action to address these concerns. The FCC is working to regulate internet security at the network level. California's Internet of Things Security Law went into effect 1/1/20 (the same date as the more publicized Consumer Privacy Act); it requires all IoT devices to have "reasonable security measures" including unique passwords. The Department of Justice suggests tactics to minimize the vulnerability of existing devices:
- Research to ensure there are no known security flaws.
- Change default passwords, use strong passwords, and download security patches.
- Ensure network security.
- Isolate IoT devices on their own network.
- Don't connect devices to internet unless it is necessary.
The advantages of IoT outweigh the risks. IoT is here to stay - we have to learn to make and keep it more secure.