As the Internet of Things (IoT) takes over more virtual territory, so do hackers and so can spies. The US intelligence chief has admitted for the first time that smart household devices connected to the internet can increase surveillance opportunities for intelligence agencies.
“In the future, intelligence services might use the IoT for identification, surveillance, monitoring, location tracking, and targeting for recruitment or to gain access to networks or user credentials,” James Clapper, US director of National Intelligence told the Senate.
DNI Clapper: “Unpredictable instability has become the new normal, and this trend will continue into the foreseeable future.”
— Office of the DNI (@ODNIgov) February 9, 2016
What Clapper is basically saying is that smart devices connected to a wireless network in your home, like a baby monitor, a television, a speaker system, a fridge and even a thermostat can be infiltrated by intelligence officers to collect data in real time.
Vulnerabilities in the Internet of Things have already been exposed. A recent report, “The Internet of Things: Privacy & Security in a Connected World”, warns that wearable technology, web cams, ‘smart’ home hubs and Internet-connected cameras can be vulnerable to hack attacks.
Nick Pollard, of Guidance Software told Computer Business Weekly that cybercriminals see IoT as an easy target.
“As the vast scope of the IoT broadens as well as the security risks associated with the IoT, manufacturers of IoT devices perhaps do not have resources available to ensure that every loophole or flaw has been covered. The potential therefore exists for successful security breaches to be exploited on a black market.”
Another report titled “Don’t Panic, Making Progress on the ‘Going Dark’ Debate” takes the debate over the vulnerability of the IoT one step further, suggesting that it “has the potential to drastically change surveillance”, offering opportunities for surveillance through an alternative channel if encrypted channels are blocked.
“The still images, video, and audio captured by these devices may enable real-time intercept and recording with after-the-fact access. Thus an inability to monitor an encrypted channel could be mitigated by the ability to monitor from afar a person through a different channel.”
So, while privacy campaigners battle against government demands for access to encrypted data — intelligence agencies could just use another channel, provided by the IoT to gather the desired data.
The report says the IoT market is forecast to grow into a multitrillion dollar industry within the next decade, incorporating everyday items.
— Tamara McCleary (@TamaraMcCleary) February 10, 2016
“Appliances and products ranging from televisions and toasters to bed sheets, light bulbs, cameras, toothbrushes, door locks, cars, watches and other wearables are being packed with sensors and wireless connectivity,” the report states.
“Phillips, GE, Amazon, Apple, Google, Microsoft, Tesla, Samsung, and Nike are all working on products with embedded IoT functionality, with sensors ranging from gyroscopes, accelerometers, magnetometers, proximity sensors, microphones, speakers, barometers, infrared sensors, fingerprint readers, and radio frequency antennae with the purpose of sensing, collecting, storing, and analyzing finegrained information about their surrounding environments.”
The report concludes — and concurs with the statement made by US intelligence chief James Clapper, that:
“These forces are on a trajectory towards a future with more opportunities for surveillance.”
And it appears government agencies are ready to take them.