The convergence of the Internet and physical objects has given rise to the ‘Internet of Things’ (IoT)- a technology paradigm that is transforming the way objects connect with each other and ultimately, impacting our lives.
Despite its futuristic connotation, the reality of IoT is not as far-fetched as it seems. In Singapore, smartphones or tablets make perfect bed partners, with one-in-two users sleeping with their devices within arms’ reach . It is also easy to identify with a scenario of a user accessing his Internet account at work on a PC and being able to see real-time feedback on his mobile devices as well. As long as the user is connected to his Internet account, all of his devices are synced and share the same information. This simplified example of IoT is extremely convenient, but also incredibly dangerous.
Situations where accounts are broken into with information on personal devices such as a smartphone, tablet or laptop being compromised or eventually remotely erased are now lesser than six degrees of separation. As more and more devices become connected to the Internet, this poses a threat that is equal to, if not greater than, the convenience it provides. As machine-to-machine (M2M) adoption increases, this threat will only multiply.
Powered by M2M adoption
The promise of IoT resides in machine-to-machine (M2M) adoption where isolated machines connect to the Internet. According to the 2013M2M Adoption Barometer , 62 percent of companies in Asia-Pacific would have adopted M2M over the next two years, with half of all businesses worldwide having embraced M2M technology in the same period. This growth in M2M adoption is spurred by improved technology and the falling costs of M2M hardware.
Mobile network companies and wireless service providers are increasingly investing in M2M – after all, they provide the infrastructure and framework that power the IoT. For example, the humble smartphone can now be a conduit to complex home automation systems, enabling home owners to control their entire home ecosystem of appliances and security systems remotely. Another example is parents at work are able to keep an eye on their children at home, and adjust their home security system settings on the go.
It’s no surprise then that consumers are using their smartphones for an increasingly wide range of activities. Recent developments in radio-frequency identification (RFID), near field communication (NFC) and QR codes and their application in consumer products have escalated the potential of IoT to permanently change the way technology is used but at the same time, have also presented more opportunities and avenues of attack for cybercriminals.
Addicted and At-Risk
With rapid adoption of M2M, a new risk arises – where a single breach in any machine or device potentially exposes a whole range of connected devices, some of which have access to enterprise networks and their confidential information. Symantec’s Internet Security Threat Report Volume 18 revealed that there has been a dramatic increase in mobile malware in the past year, with a 58 percent increase in mobile malware families, meaning that mobile malware now accounts for 59 percent of all malware to-date.
Even as companies develop IT strategies to address the ‘bring your own device’ (BYOD) movement, the question remains how to control the flow of data from device to device. If consumers connect their mobile device to their household system, and then connect their mobile device at work, cybercriminals have a clear path of attack – tracing back to household systems and the IoT at play.
In Singapore, where smartphone penetration is now at 78 percent , this connectivity of devices takes on increasing importance as more people begin to blur the lines between work and play while using their mobile devices. According to the Norton Cybercrime Report 2013, more than one-in-two (59 percent) working adults in Singapore use their personal devices for both work and play, with another one-in-four (26 percent) letting their kids play, download and shop on their work devices.
Protect What Matters
With cybercriminals evolving to take advantage of these mobile platforms, the onus is up to the consumer to take the necessary steps to protect himself and his devices, and for enterprises to develop mobility strategies that best protect themselves while offering employees the convenience to use their own devices at work.
IT departments looking to protect their enterprise environment while supporting mobile initiatives will need to plan an enterprise mobility strategy that takes several factors into account; such as user and app access, app and data protection, device management, threat protection, and secure file sharing. They will also need to consider best practice security guidelines for any mobile device that employees wish to bring into the workplace.
As increased M2M adoption connects millions of devices, security companies will need to work closely with telcos and Internet Service Providers to minimise the accompanying risks, and ensure that the risks associated with the IoT is minimised – lest we end up in a future with an Internet of Dangerous Things.
Eric Hoh is Vice President for Asia South Region, Symantec