The Internet of Things (IoT) which is the connection of devices around us and sharing of information over the internet is a revolutionary concept. IoT devices are very helpful and innovative and can be found in all walks of life such as fitness trackers, health monitors, industrial machinery and even automobiles. However, there are important privacy and security issues arising from this connection which cannot be overlooked.
Privacy Challenges
Comprehensive Data Gathering. In the recent past, there has been a huge creation of data in regards to environmental, behavioral and personal data through the use of IoT devices. Google Nest and Amazon Echo are some of the smart home devices that capture user's preferences, activities, and even voice recordings. Other personal information including information on the individual's health is also collected through wearable fitness devices. Such practices raise a number of concerns on the extent of surveillance as well as the potential for misuse given this constant collection of data.
Insufficient User Control. Due to the fact that the interfaces of most of the IoT devices are limited, consumers may not be able to control or even see what kind of data is being collected and shared. For instance, a smart refrigerator may be tracking consumption patterns without allowing consumers to opt out of the data collection This lack of transparency therefore poses a huge imbalance between the people and the companies creating the technologies.
Data Exploitation. Such data generated by the third parties IoT without informing also getting users' data. Such data is valuable and may these result into intrusive either targeted advertising, sold by differential treatment companies or any other form of unethical use. For example, insurance organizations may leverage the information gathered individuals' on health or driving habits to set premiums arbitrarily.
Geolocation. It is also one of the activities that can be performed by many IoT devices like the GPS watch, smart cameras, and trackers for cars that provide real time location information. This data can be obtained by unauthorized persons and used in a way that violates the privacy of individuals, for example, for stalking or monitoring of people's movements.
Security Challenges
Weak Security Protocols. Due to cost constraints and the rush to market, many IoT devices are manufactured with minimal security features. Some of the common vulnerabilities include using default passwords, not updating firmware and using unencrypted protocols. These are some of the areas that cyber-criminals use to gain easy access into systems.
Botnet Attacks. IoT devices are very often used in botnet attacks. In 2016, the Mirai botnet targeted those IoT devices that were easily hackable and used them to launch distributed denial of service (DDoS) attacks that affected many big websites and services. Such incidents reveal how vulnerable devices can be in the hands of cyber criminals to multiply the threats on the global level.
Physical Security Risks. Sometimes the security of IoT can be tampered with and this goes beyond the digital aspect to the physical aspect. For instance, it is possible to hack smart locks and gain entry into houses, while hacking of medical IoT devices like insulin pumps or pacemakers is dangerous.
Cross-Device Vulnerabilities. This means that the IoT devices are usually connected and these devices can be interconnected. This means that a vulnerability in one device can be used to gain entry into the entire network thus increasing the chances of an attack. This means that the IoT devices are usually connected and these devices can be interconnected. This means that a vulnerability in one device can be used to gain entry into the entire network thus increasing the chances of an attack.
