A recent survey by mobile security technology vendor BullGuard highlighted not only how popular the Internet of things is becoming, but the security issues it raises.
The survey of more than 6,000 residents in the UK found a disconnect between the growing number of people interested in buying Internet of things (IoT) devices and their abilities to secure those devices. More than a quarter of respondents said they are planning to buy IoT devices in the next 12 months. However, 66 percent of them are concerned about attacks against their devices, and 57 percent are worried about privacy breaches.
Meanwhile, 72 percent do not know how to configure a wireless router in a way to protect a home network, and even 22 percent of consumers who say they have advanced technical skills are not confident that they have the ability to keep their connected devices secure. The conflict between the demand for connected devices and the users' inability to secure them or the networks they're on presents challenges, according to BullGuard CEP Paul Lipman.
"Most of us have been working with Internet- connected devices such as computers, smartphones and tablets for some time, but the Internet of things is changing our perception of personal security, for both ourselves and our data," Lipman said in a statement. "It's not just those who consider themselves 'technophobes' that have these concerns—tech-savvy users are saying the same.” He added that “consumers are clearly not equipped to handle the myriad of security risks presented by connected devices."
The IoT is growing rapidly. Cisco Systems officials expect the number of connected devices—from cars and industrial systems to home appliances, security systems and children's toys—to grow from 25 billion in 2014 to more than 50 billion by 2020. Other vendors and industry analyst firms have varying numbers, but all expect a fast uptake.
Security experts worry that the increase in the number of connected devices will greatly expand the attack surface for hackers and other cyber-criminals. The debate around IoT and security touches on myriad issues, from determining whether certain devices need priority over others, to encouraging device makers to figure security into the design rather than bolting it on after the product is finished.
BullGuard officials also noted that the industry has not yet created common security standards for IoT devices, with most manufacturers taking their own approaches to security, which can create update procedures that are complex and difficult to carry out. There are several industry consortiums working on developing common open-source platforms for the IoT, with security among the aspects being looked at, but nothing has been standardized.
Meanwhile, the number of devices being developed and used continues to grow, and consumers continue to be concerned about security. While 66 percent are "very concerned" or "highly concerned" about attacks against their devices, 34 percent said they've already been through a security or privacy problem in the past. In addition, 78 percent said they were worried about viruses, malware, hackers and other security risks, and 66 percent were concerned about data that had been collected by the makers of their devices being used inappropriately or stolen.
The survey also indicated that more work needs to be done to educate consumers about what they can do to secure their devices, BullGuard officials said. Sixty-three percent of respondents said that in terms of their computer skills, they were "intermediate or advanced." While 81 percent said they could set up their own wireless router, 63 percent said they hadn't changed their router's password, and 49 percent said they didn't know how.
In the survey, many consumers—44 percent—said that the responsibility for securing their connected devices was with antivirus vendors, which were considered the top choice, ahead of device makers and Internet service providers.