Privacy and Security Issues with the IoT

The Internet of Things is growing every day and opening up exciting possibilities for consumers. Among some of the more recent innovations: a leak detector which helps you avoid water damage, a sensor for your garden which alerts consumers to the need for water or fertilizer, the television that doubles as a controller for your home automation devices, etc. But the more connected we become, the more possibilities there are for privacy and security issues with the Internet of Things.

You’ve probably already heard some of the stories of security breaches. Hacker-researchers have tested their abilities against smart products and found ways to hijack nearly anything, including smart cars, video cameras, kitchen appliances, home security systems, and even medical devices. But the malicious hackers are at work, too. A few years back, spammers were able to compromise a smart refrigerator to send out approximately 750,000 junk messages. In 2015, cyber criminals shut down an entire power grid in the Ukraine, leaving over 230,000 people without power in the middle of winter. Just last year, a family in Washington discovered a hacker was using their baby monitor to spy on, and speak to, their 3-year old son.

Privacy is also becoming a bigger issue with the advent of home assistants like Amazon Echo and Google Home. For instance, the Echo is designed to record conversations, beginning the moment before their “wake word” (“Alexa”) is spoken, to the point where they complete the task or answer the question asked of them. The device is constantly “listening” for the activation word. However, consumer tests have shown that the Echo can sometimes hear wrong; thus, a misspoken word could activate it and prompt a recording without the immediate knowledge of the owner. Because of this, some wonder what other personal conversations their home assistant might be overhearing, and how private those recordings actually are. In fact, authorities in an Arkansas murder case have petitioned for the voice recordings from the suspect’s Amazon Echo account to listen for evidence. While Amazon initially refused to comply with the demand, the suspect’s defense team recently agreed to provide the recordings. Users can keep accidental recordings from happening by activating the mute feature on the Echo or disabling voice recording on Google Home. Of course, this also prevents the units from doing their main function: answering your voice commands.

Managing privacy and security issues with the Internet of Things is naturally a priority for manufacturers, but the genre is growing at an explosive rate, and hackers are constantly working to circumvent security measures. Consumers must take steps to address the security vulnerabilities within the products they choose to bring into their homes.