There are Dangers Lurking in the “Internet of Things!”

There are dangers lurking in the “Internet of Things!”

In the“The Internet of Things,” everything “from meat thermometers monitored with a smartphone to Wi-Fi-equipped dog collars, devices and services in homes and businesses are increasingly being connected to the Internet.” “Devices on the market or the drawing board include smart door locks, toothbrushes, wristwatches, fitness trackers, smoke detectors, surveillance cameras, ovens, toys and robots.” See http://on.wsj.com/1dGJNXC In this world of the “Internet of Things” you’d enter a hotel room where the lights, the stereo, and the window shade adjust to your preferences before you even walk in, your home air conditioning system will start-up when you leave your office at night, your dog’s collar will notify you if your dog leaves your yard, your in-ground sprinkler system will monitor the weather forecast so as not to turn on if it rains and your refrigerator will remind you when you are out of beer.

The data generated by such devices might become a privacy threat, for example, your Nest thermostat has a feature called “Auto-Away” that learns when you’re not home.

More importantly, these devices can be doorways for hackers to hack into your computer network. See http://nyti.ms/1e6rDSe As reported in the New York Times, by infecting with malware the online menu of a Chinese restaurant that was popular with employees, attackers got a foothold into an oil company’s vast computer network. Hackers got access to Target’s customers’ credit card records through its heating and cooling system. Researchers testing computer security got into Google’s Australia headquarters’ network through its building management vendor. Researchers at universities in Canada and Israel were able to hack the Philips Hue smart light bulbs in an office building and by compromising a single light bulb were able to infect a large number of nearby lights within minutes from a car 229 feet away. Philips subsequently fixed the vulnerability with a patch. See https://nyti.ms/2jErU5K

In the most famous example of an Internet of Things hack, web sites, including those of Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times, were brought down last October via an attack on a company called Dyn, located in New Hampshire, that managed the DNS address servers for those web sites. Those servers match domain names to their associated IP addresses so that when you type a domain name into your web browser’s address bar, your computer contacts that DNS server and asks what IP address is associated with that domain name. In that attack, those web site servers were attacked through a massive distributed denial of service attack utilizing hundreds of thousands of internet-connected devices like cameras, baby monitors and home routers that had been infected without their owners’ knowledge and software that allowed the hacker to command them to flood a target with overwhelming traffic. See https://nyti.ms/2klxPKG

In the Internet of Things, your air conditioner shouldn’t be talking to your point of sale device. Corporations should set up their networks so that access to sensitive data is sealed off from third-party systems and remotely monitored with advanced passwords and technology that can identify anomalous traffic.

At home you should establish and set strong passwords for all of your devices, regularly update your software for your smart home devices and set up separate Wi-Fi networks for your computing devices, i.e., your computer, tablet and smart phone and those other devices like your thermostat, refrigerator and bathroom scale.

Remember, Edward Snowden was a third-party contractor working for Booz Allen Hamilton inside the NSA’s Hawaii regional operations center.

About ERIC WACHSPRESS

The material on this website is for informational purposes only. It should not be considered legal advice and is not intended to create an attorney-client relationship. If you have questions regarding any material presented herein, we recommend that you consult an attorney. This web site and information presented herein were designed in accordance with Illinois law. Any content in conflict with the laws or ethical code of attorney conduct of any other jurisdiction is unintentional and void. I am a Chicago attorney practicing in the areas of trademark, copyright and information technology law as well as general corporate law. Formerly a trademark examining attorney with the United States Patent and Trademark Office, I have been in private practice since 1987 representing clients in a wide variety of industries, including the consumer products, financial services, information technology and entertainment industries. You can contact me at markscounsel@gmail.com, by phone at 773.934.5855 or by mail at 417 S. Jefferson St., #304, Chicago, IL 60607 USA
This entry was posted in News and tagged , , , , , . Bookmark the permalink.