Your smart fridge is about to make our IoT security nightmare so much worse

LAS VEGAS — Each year, CES plays host to some of the most compelling innovations in the tech industry: self-driving cars, virtual reality, robots, drones and televisions that get bigger and thinner each year. Not to mention Wi-Fi and bluetooth sensors embedded into just about every previously mundane appliance and object imaginable. 

Want Amazon’s Alexa in you refrigerator, washing machine, trash can and light fixtures? You’re in luck. How about a smart hairbrush, a Wi-Fi-connected shower or an app-enabled breast pump? CES has it all. 

It’s not just startups hawking crazy gadgets, either. Some of the biggest companies in the world are also fully invested in selling us on the dream of a fully connected home. During its CES press conference, an LG executive breathlessly announced that from now on all of its appliances will be Wi-Fi-enabled and connect to the company’s cloud. 

All this, of course, is supposed to make our lives easier. Sure, no one needs an app to control the temperature of the water in their shower or a hairbrush that can tell you if you’re tugging on your hair too hard, but there’s something undeniably cool about the idea of it. 

While we can continue debating the merits of such products until we’re blue in the face, the fact is they are here to stay. And that’s shaping up to be a very big problem — and not just because our desire to simplify our lives is actually making our homes more complicated than ever.

In fact, the biggest threat posed by these objects is one we are only beginning to fully understand: security. Remember the exploit that took down some of the most trafficked sites on the Internet for several hours last fall? As we learned from security researchers, the source of the attack was a network of hacked DVRs and Wi-Fi-connected cameras that were hijacked to bring down the sites in a massive distributed denial of service attack.

More worrisome, security experts say, is that attacks like this will only become more and more common as manufacturers flood the market with smart devices with crappy security. 

“Theres no question we’ve only started to scratch the surface,” David Kleidermacher, Blackberry’s chief security officer, says of the attacks. “We’re going from about ten million to maybe hundreds of millions, ultimately trillions of these connected things.”

The problem, he says, is that the vast majority of the companies making these connected products aren’t adding the ability for them to be managed remotely, which would allow manufacturers to remotely push security patches when vulnerabilities are discovered. Instead, the product makers rely on the consumer to install updates — if they are even making them in the first place.

And it’s much more than your favorite websites that are at risk. Hacked devices could be directed to attack any number of things, from implanted medical devices to the power grid, Kleidermacher warns. Whether that kind of doomsday scenario would actually play out is another matter, though you can be sure the idea of it keeps more than a few security researchers up at night.  

But, hey, look on the bright side: at least we can worry about it from our app-controlled beds.  

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top