The past decade and a half has seen monumental developments in the technology world. Unlike the world of yesteryear where the products that we bought simply existed on their own (your microwave oven, for example, would just cook food once you'd pressed some buttons on the front) more and more of the things we buy and are surrounded by are able to connect to entire networks and transmit data over them.

We call this the Internet of Things.

secure-internet-of-things-iot

Although the term was officially coined in 1999, the very first Internet appliance was a Coke machine which was engineered by some Carnegie Mellon students in 1982 to tell them if a cold drink was available. Nowadays, IoT devices include everything from your smartphone (which may have Wi-Fi, cell data and Bluetooth), your credit card (which may have NFC), your television and even your own body which can be fitted with devices that either tell doctors more about your health or allow them to administer medication from afar.

And this connectivity can be seen in every industry from agriculture and automobiles to utilities (gas and oil etc.) and home appliances. For consumers it's helpful when they are able to do things such as control their thermostat from afar or being able to locate their car in a packed parking lot. Meanwhile, those using IoT for monitoring purposes (e.g making sure that a piece of machinery is performing properly or looking at pollution levels in a section of the ocean) can help boost the general of safety.

The many benefits of the Internet of Things is why it has so rapidly expanded into every industry and why adoption is in no risk of slowing down soon.

How the Internet of Things Works

The Internet of Things can be broken down into three main levels: the 'thing' itself, the network that these things are connected to and the systems that process and/or store the data that the devices send them.

Each device must be fitted with some sort of sensor in order to collect and transmit the data. These may be sensors that communicate the device's location, its temperature or whether its moving or not. Many devices (such as today's smartphones) have multiple sensors embedded in them.

Then, once that data is ready to go it will be sent off via the world's many wireless communication networks. For example there's Wi-Fi and Bluetooth which both use radio frequency to transmit data across short ranges, Bluetooth Low Energy (BLE) which does the same thing with less power consumption and RFID (Radio-Frequency Identification) which uses electromagnetic fields.

Although it's possible for people to create smaller networks, devices such as smart TVs and the Siri virtual assistant in the iPhone are part of larger networks in which the data is transmitted to distant servers. These servers then relay information back to the user or another device (e.g if you've used your smartphone to turn on your thermostat) to complete the task.

The Security Issues of the Internet of Things

However, although these potential exploits may be scary, there are ways to stop them from happening.

One way to prevent these attacks is by utilising secure code reviews to identify attack vectors before the software makes it into the hands of the consumer. Secure code reviews allow teams to analyse the source code behind a piece of software (including applications and the device's operating system itself) to identify problem areas and figure out what can be done to close off these potential attack vectors.

There are also vulnerability tests and penetration tests where your devices are pitted against the methods that a hacker would use, except in test conditions these things aren't being done for malicious reasons.

For example, penetration tests (which are often called ethical hacking) replicate the sort of attack that a hacker would carry out and it allows the developers to see how your network would stand up to even the smartest of hackers. Vulnerability assessments, on the other hand, test your network against well-known vulnerabilities by using automated and semi-automated tools to test the network's overall strength.

Combined, these evaluations help to identify trouble areas and allow you to protect yourself from hacks now and with periodic re-testing. These methods represent the best way to ensure a secure IoT during the development phase of a product, but also to protect you in the future.

How are you getting up to speed with your modern appliances?

At Advantio our developers are information security experts, able to provide assurance that the device you are using, building, or developing is secure.

With us, you won't have to worry about security as our secure code reviews and our security tests ensure that you're protected against an attack long before a hacker ever has the chance to strike.

Igor Mancini

Written by Igor Mancini

Marketing Director at Advantio. The articles published in the Advantio Blog have the goal of supporting our mission: making IT Security simple for everyone.

My intention is to discuss IT Security related topics with the eyes of a non technical person, speaking a simple language and trying to show to the readers the benefit of IT Security best practices.