Consumers want a fully connected life – but at what cost?

By on Feb 19, 2020

Convenience has always, and will always be king. That’s why it’s no surprise that the average person is collecting connected devices left and right and is expected to own 15 connected devices by 2030. While they vary from person to person, recent research shows that the most popular connected devices tend to be smart meters, speakers, activity trackers, and TVs. That said, customers are curious and are keen to go even further, adopting the latest and greatest when it comes connectivity. This could mean anything from a connected toaster, washing machine or garage, but for many, the connected car is the ultimate toy.

The consumer appeal behind device adoption is understandable – they’re entertaining and they make menial, everyday tasks easier to accomplish. A recent study on connected devices by TechUK found that 42% of consumers agree that both qualities are key drivers in their adoption – a similar finding seen in North America and across Europe. This is a huge shift in sentiment from years before when most consumers considered connected devices to be too complex and costly to be worthy of purchasing.

More 5G, more problems? 

As the demand for continuous connectivity grows, 5G will completely reshape the way consumers interact with the world around them. However, with more devices coming into homes, concerns around the way personal data and information is managed, controlled and used by organizations are starting to come into question.

Recent research shows that many consumer worries are specifically based on safety and security related to products being unreliable, data breaches, as well as a lack of trust in smart technology manufacturers. In short, this shows worryingly low levels of trust for suppliers and a lack of knowledge about what fail-safes solutions are in place in case of emergency.

These concerns aren’t unwarranted. Over the past few years, consumers have been witness to some of the worst data breaches and cyber-attacks in history, and many have had a front seat to the growing number of IoT attacks taking hold of homes across the globe. These aren’t our parents’ attackers – today’s cybercriminals are savvy, smart and are fully aware of the lack of adequate security controls on many of these devices, leaving them in a perfect position to cause chaos.

Unfortunately, they’re doing a great job so far. Recent figures show that the total number of IoT malware samples grew 154% over the last year and just recently, McAfee Advanced Threat Research discovered a vulnerability in the Chamberlain MyQ Hub, a garage door automation platform, as well as an insecure design in the McLear NFC Ring that could allow an attacker to easily clone the ring and gain entry to a consumer home.

Next-generation concerns    

There’s no debate that analytics are key to making every day technology smarter, faster and more efficient. They’re integral to the evolution of artificial intelligence (AI), reinforcement learning (RL) and robotic process automation (RPA) as well as cutting-edge consumer technologies like the connected car.

Nearly every modern vehicle uses state-of-the-art sensors that use analytics technologies like AI and ML. These technologies are specifically designed to automate many of the functions that humans would traditionally have done. These can include – but are not limited to – rain-sensors on the windshield to control wiper blades and sensors which detect objects to help avoid collisions.

As these technologies are central to the functionality of autonomous vehicles, researching potential weaknesses in the underlying systems has been key. To do this, the McAfee Advanced Threat Research Team (ATR) and the Advanced Analytics Team (AAT) recently came together to study how AI models within autonomous vehicles could be targeted by adversaries – a process now referred to as “Model Hacking”. To fully understand the potential for threat, the teams focused their efforts on the broadly deployed MobilEye camera system, which is currently used in over 40 million vehicles, including one of the leading connected car manufacturers. Through their research they successfully created a black-box targeted attack, causing the camera to misclassify a 35 mile-per-hour (mph) speed limit sign as 85 mph. This resulted in the vehicle increasing its speed to 85 mph on its own.

While it’s currently unlikely that this type of attack would be used to do harm, being able to get ahead of the problem and understand where potential risks lie is vital. It is also important that industry leaders work together to shift perception that machine learning and AI systems are automatically secure in order to drive success in autonomous driving. This means opening up the discussion and raising awareness of the problems and pitfalls to steer the direction and development of safer next-generation technologies.

 

Taking security into their own hands

Despite the valid concerns around safety, security and information management, the rollout of 5G will only continue to encourage the use of smarter and more efficient IoT devices. But how can consumers fully enjoy the benefits of these new technologies when the most malicious actors continue to evolve and exploit the existing – and arguably – sometimes lackluster security controls in place? Get in control! Consumers must take a stand to safeguard their homes from within and start asking the question – is this device secure?

Running point on your online security may seem overwhelming at first, but it’s possible to both reap the benefits of your connected devices while staying safe – here’s how:

  • Practice proper online security habits: The silver lining of all this security chaos is that there are now countless ‘best practices’ consumers can quickly adopt. These include implementing a strong password policy, putting IoT devices on their own, separate network, and utilizing a dual-factor authentication when possible.
  • Do your research: Before purchasing a new IoT device, take the time to look into its security features and understand the security risks associated. Ensure you have the industry knowledge to make sure you’re buying the safest tools available on the market.
  • Buy through trusted advisors. Some brands have your best interests in mind and unfortunately, some don’t. Being able to identify which ones do can make the difference between being a victim or not.
  • Act: While the accuracy and agility of intelligent systems offers convenience, don’t assume any sort of hiccup is just a fluke. If something seems off with the technology, raise the issue to the manufacturer.
  • Always update: Part of the convenience of connected technologies is they have the ability to update remotely—when one of these such updates is offered by the manufacturer, make sure to take the time to do so as soon as possible.

Of course, the onus does not fully fall solely on the consumer. Brands must do their part in ensuring the supply chain is secure and that consumers’ online lives are fully protected from end-to-end. Doing this starts with designing IoT devices with security in mind. IoT manufacturers must embed security into the architecture, interfaces, and designs of their products. They must ensure device identity and authentication are a part of the provision and configuration process and must work with consumers to empower them to apply proper administration and management throughout the lifecycle of their device.

From 5G and autonomous cars to smart cities and AI, the next few years will no doubt be a transformative time for technology. Though for organizations and consumers to get the full benefits from these technologies, the industry must work together to eliminate risks from the inside out. Sharing the responsibility of safety will be a crucial part in tackling the insidious threats facing us today. It will ensure consumers all across the world will be able to stay connected and live an increasingly digital, convenient and efficient life.

About the Author

Raj Samani

Raj Samani is Chief Scientist and McAfee Fellow for cybersecurity firm McAfee. He has assisted multiple law enforcement agencies in cybercrime cases, and is a special advisor to the European Cybercrime Centre in The Hague. Samani has been recognized for his contribution to the computer security industry through numerous awards, including the Infosecurity Europe hall ...

Read more posts from Raj Samani

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs