In-brief: digital ‘exhaust’ emitted by Internet of Things technologies may pose the biggest risk to personal privacy and security a researcher warns.
Wired has an interesting interview with Ken Westin of the security firm TripWire about security concerns emanating from the Internet of Things.
Westin, who works as a security analyst for TripWire states the obvious: ‘spamming refrigerators aren’t your biggest worry.’ That refers, obviously, to the now (in)famous example from that Proofpoint report from last year. (Security Ledger has already written about some of the issues that report raised – not the least of which was whether Proofpoint actually observed a spam-spewing smart refrigerator to begin with.)
[Read more Security Ledger coverage of Internet of Things.]
But from there, Westin’s observations about where risk might lie in the (consumer) Internet of Things is worth reading. In particular, Westin worries about the composite risk that results from so much personal data being collected from our environments, bodies and online activities.
“As we interact with our devices there’s this trail of digital exhaust that we leave behind,” he says. “Once you combine this data and create very rich profiles of people, I worry that it’s going to be the death of privacy.”
In the future, he worries, the danger isn’t so much from hacking IoT devices – that just gets you information on a single user. Rather, he worries that the agglomeration of granular data within cloud repositories, application servers and other infrastructure that backs the IoT will prove too rich a target to ignore.
From the article:
Westin says the worst case scenario might be espionage: countries hacking Internet of Things servers to get dirt on political officials. But for most of us, the risks will likely be the possibility of mildly to severely embarrassing information finding its way into the wrong hands.
Today’s black hat databases of credit card- and Social Security numbers may soon add columns for health and biometric data, records of your movements and so on.