Over a million developers have joined DZone.

IoT Security Risks: Real Examples

DZone's Guide to

IoT Security Risks: Real Examples

Let's examine three popular IoT spheres (webcams, healthcare, and self-driving cars) to see how vulnerabilities can appear and how to tackle them.

· IoT Zone ·
Free Resource

Download The Comparative Guide to Rules Engines for IoT to learn what are the most common automation technologies used in the IoT domain for application development

Every new technology comes with great benefits, but of course they all have their risks. We analyzed three types of IoT applications that might be vulnerable to security threats: webcams, patient monitoring, and smart vehicles. If your IoT application involves any of these, here we present some reasons why you should be extra careful, and of course how to minimize the risk

1. Webcams

Remember when Mark Zuckerberg celebrated Instagram reaching over 500 million monthly users using a cute cardboard cutout? You could see he had a tape over his laptop camera (see below). The former FBI director did the same, and they surely have a reason for it. 

Image title

The struggle is real. Most hackers and even average tech enthusiasts can access public and private cams around the world. Tools like Shodan.io enable average tech users to access remote web cameras. And that doesn't even cover other creative and dark ways to do it. 

The job of any business is simply to come up with products or services that customers are willing to pay for. Customers pay for explicit value: The exact reason they buy something. Meaning complementary features such as security or privacy are not at the forefronResultado de imagen para webcamt of their wants, and as a result, businesses don’t put as much effort into these aspects of their products. We know MVP (Minimum Viable Product) as basic/cheap versions of products that have been already tested in the market that do not have secondary features. 

As a result, providers just don’t fabricate secure devices and won’t assume extra costs. And customers don’t perceive any value if not applied. It means that they will only recognize the value of security when they feel vulnerable and become exposed — they only care when it’s too late.

2. Connected Patients

care, clinic, disease

As we mentioned in earlier posts, the IoT enables you to monitor not just medical equipment, but people as well. 

Billy Rios, an IT security expert, advised that malicious hackers could access equipment to speed patients' heart rates up. Also, drug infusion pumps could be modified to alter the amount of morphine or antibiotics provided to the patients. 

How Can Healthcare Providers Combat Hackers? 

There are lots of techniques you can use to make your IoT initiative more secure. Rios specifically mentions two:

One step is to authenticate. Doing so limits devices' connection and access, verifies firmware, and tracks device-to-device communication. It's a must that could save you from most novice hackers. 

The second step is encrypting, the process of making information completely unreadable to all but specified programs or people. If your data is encrypted and a hacker reaches your personal or corporate information, at least it will take them a good while trying to figure out the puzzle. 

3. Connected Cars

There are some security experts who have shown how security systems of big automotive brands could be vulnerable. A quick Google search even points out DIY articles of amateurs hacking cars. One of the most famous examples was featured by Wired, showing how two experts took absolute control of a Jeep. Want to see what happened? Here it is:

Wrap up

As everything gets connected to the Internet, more malicious parties will get attracted to them and attempt to do harm. If we consider that this industry is going to grow rapidly, so does the risk. Here are the most important lessons you should follow:
  • Rely on the best providers. One of the main reasons devices are unsafe is that some low-quality providers sacrifice security to reduce costs. Be sure to do your research and don't be afraid to spend a little more resources on securing your product, it's crucial in the long run.
  • Be aware. As technology develops, so do the security risks. There are always new updates and threats you must consider in your future IoT projects.  As an IoT maker, you should think first of your customers' wellness, security, and privacy. Think of this. Even companies like Google or LinkedIn that center their efforts on security have been exposed. 
  • Mind the process. Secure technology (authentication, encryption, testing, etc.) is the minimum expected level of security. Even with perfect technology, data can be exposed through human beings. Focus on the humans that interact with the process that your IoT project affect, and make sure they are aware of how they can help keep information and devices safe from third parties.

See how CEP engines, stream processing engines, flow based programming engines and other popular rule-based technologies perform against seven IoT-specific criteria.

iot ,iot security ,connected devices ,healthcare ,driverless

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}