CYBER-SECURITY
is now part of all our lives.
“Patches” and other security updates arrive for phones, tablets and PCs.
Consultants remind us all not to open unknown files or plug unfamiliar memory
sticks into our computers. The bosses of some Western firms throw away phones
and laptops after they have been to China assuming they have been hacked. And
yet, as our special report this week points out, digital walls keep on being
breached. Last year more than 800m digital records, such as credit- and
debit-card details, were pinched or lost, more than three times as many as in 2012. According to a recent estimate by the Centre for
Strategic and International Studies, a think-tank, the cost to the global
economy of cybercrime and online industrial espionage stands at $445 billion a year—about as much as the GDP of Austria.
Now
a new phase in this contest is emerging: “the internet of things”. This
involves embedding miniature computers in objects and connecting them to the
internet using wireless technology. Cisco, a technology company, predicts that 50 bill ion connected devices will be in circulation by
the end of the decade, up from ii. billion last year.
Web-connected cars and smart appliances in homes are becoming more common, as
are medical devices that can be monitored by doctors many miles from their
patients. Tech companies are splurging cash:
witness
Google’s punt on driver less cars and the $3.2 billion
it has spent buying Nest, a maker of smart thermostats.
Such
connectivity offers many advantages, from being able to adjust your house’s
heating when you are in the office (or more likely your bed) to alerting your
doctor that your insulin level has risen. But it also gives malicious hackers
an easy way to burrow deeper into people’s lives. The small, embedded computers
at the center of the internet of things do not have as much processing power or
memory as, say, a smartphone, so security software on them tends to be
rudimentary. There have already been instances of nefarious types taking
control of webcams, televisions and even a fridge, which was roped into a
network of computers pumping out e-mail spam. And security researchers have
found ways of hacking into some kinds of medical devices and cars, though this
still requires specialist knowledge and kit. The wireless heart monitor of Dick
Cheney, America’s former vice-president, was modified to stop remote
assassination attempts.
Beware
the fridge in Eagling for the companies building the internet of things, its
vulnerability could be costly. The tactic of pumping out new software as fast
as possible and then issuing patches later to fix flaws in the code may be
tolerable if all that is lost is data, but if it involves personal safety,
consumers will be less tolerant. In order to avoid lurid headlines about cars
crashing, insulin overdoses and houses burning, tech firms will surely have to
embrace higher standards. Just as with computers and phones, there will be more
passwords and more updates, though that may make the internet of things less
easy to use—a blow for a business based on making life more convenient.
For
governments, the temptation will be to panic and do too much. They should make
clear that web-connected gadgets are covered by existing safety laws and
existing product- liability regimes: last year Japan’s Toyota was successfully
sued for installing malfunctioning, but not web-connected, software. Wrongdoers
should be punished, but the best prompt for securing the internet of things is
competition. Either tech firms will find ways to make web-connected gadgets
more dependable, or people will decide they can live without them. Who needs a
smart fridge anyway?
