Guest Post By Jacelyn Brown on March 14, 2017
It sounded like something from the National Enquirer: another attention-grabbing headline to put alongside sightings of Elvis on the moon, and alien reptiles in Buckingham Palace. Yet the recent Wikileaks report, stating that the CIA can use smart televisions to monitor us, created quite a media storm. In fact the revelation was covered extensively by media outlets across the world.
There is no doubt that all the smart devices that make up the Internet of Things have the potential to improve our lives by making our homes more convenient, businesses more efficient, and cities less polluted. However, a growing number of people are becoming increasingly concerned about the threat of being hacked and spied on. Is this just irrational paranoia fuelled by yet another media frenzy, or is the recent spike of concern justified?
Well if Wikileaks (an award-winning organisation that publishes secret and classified information from anonymous sources) is to be believed, perhaps our fears are justified. Over the past ten years, it has built up a reputation for disclosing some of the biggest news stories, and has become a cautiously trusted source for some of the world’s leading media companies and newspapers. This latest disclosure alleged that the CIA did indeed exploit vulnerabilities in Apple and Google’s software to use smart TVs as transmitters by remotely enabling the television’s built-in microphone while it appears to be powered off. The dossier claimed that the CIA developed this and similar snooping techniques with other foreign agencies, including British Intelligence. It further alleged extensive infiltration of smartphones and hacking capabilities that “exceed mandated powers.” Even though the allegations made by Wikileaks were reported extensively by the British National and American Press, the response from governments on both sides of the Atlantic has been muted. In a subsequent press release, Samsung simply reiterated that they take consumer privacy and security very seriously.
Since the story broke, technical experts in the field of cyber security have come forward to say that the threat of the average person getting hacked is reasonably low providing they take precautions. Recommendations include following manufacturers' guidelines, and using complex passwords.
What the media failed to make clear in many cases is that, in order to carry out many of the hacks referred to in the report, would-be hackers would have needed physical access. If devices are correctly installed, it is unlikely that they will be accessed remotely and therefore successfully compromised by malicious hackers.
Privacy advocates, and manufacturers continue to make sure that end-users remain protected from cyber criminals and malicious surveillance. Their endeavour grows in importance as our lives become increasingly entwined with the IoT, but we too have a duty to remain vigilant in the same way that we take steps to protect our homes against physical intruders. Recommendations include purchasing high-quality products from reputable suppliers, following makers' instructions, and always using strong passwords. Also, using end-to-end encryption whenever possible, will also drastically reduce the attack surface, and as a result the likelihood of falling victim from snoopers and malicious hackers.
© Simon Montford (WEB3IOT), 2014-2019. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Simon Montford and WEB3IOT with appropriate and specific direction to the original content at web3iot.com.