I've spoken out before against the so-called "Internet of things" in our homes. They hold hidden dangers.
- Frankly, I don't see any need for a "smart thermostat" that can be adjusted from my smartphone, when that means someone else can hack into it and potentially invade my privacy.
- I think "smart security cameras" that I can operate from my smartphone, anywhere in the country, are an ideal tool for would-be burglars or home invaders, who can monitor them to select the best time to commit their crimes.
- "Smart door locks" are an invitation to hackers to open my doors for themselves - or just leave them open for their amusement.
Now comes the news that "smart appliances" have resulted in at least two hacks of commercial establishments.
Nicole Eagan, the CEO of Darktrace, told the WSJ CEO Council Conference in London on Thursday: "There's a lot of internet-of-things devices, everything from thermostats, refrigeration systems, HVAC systems, to people who bring in their Alexa devices into the offices. There's just a lot of IoT. It expands the attack surface, and most of this isn't covered by traditional defenses."
Eagan gave one memorable anecdote about a case Darktrace worked on in which a casino was hacked via a thermometer in an aquarium in the lobby.
"The attackers used that to get a foothold in the network," she said. "They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud."
Robert Hannigan, who ran the British government's digital-spying agency, Government Communications Headquarters, from 2014 to 2017, appeared alongside Eagan on the panel and agreed that hackers' targeting of internet-of-things devices was a growing problem for companies.
"With the internet of things producing thousands of new devices shoved onto the internet over the next few years, that's going to be an increasing problem," Hannigan said. "I saw a bank that had been hacked through its CCTV cameras, because these devices are bought purely on cost."
There's more at the link.
Greater convenience versus poorer security. Guess what's more important, at least to anyone with common sense?