Our homes, cars, devices, and lives are all being integrated into the internet. Are we ready for what that means? Here's everything you need to know:
What is the "Internet of Things"?
It's the new buzzword for the rapidly developing phenomenon of household, personal, and business devices that are wirelessly connected to the internet. These "smart" devices can respond to sensory input and other data without direct human commands. Over the past decade, the number of smart gadgets has exploded to 14 billion worldwide. In the new hyperconnected world, you can have your health and fitness monitored 24/7 by "wearables," like smartwatches, and pill bottles that alert you or a caregiver when you miss a dose. While at work or away on a trip, you can change the settings on home heating and air conditioning or monitor and feed pets. Smart refrigerators can use internal cameras to assess their own contents, devise a grocery list, and do the week's food shopping online. In the not distant future, says Google CEO Eric Schmidt, the IoT will be ubiquitous, and the distinction between what's online and offline will disappear. "You won't even sense it," says Schmidt. "It will be part of your presence all the time."
What are the benefits?
There are many. A new device aimed at preventing Sudden Infant Death Syndrome provides parents with real-time information about their infant's breathing, body position, and other data, alerting them via smartphone if something is wrong. Doctors can now monitor patients with Parkinson's or cardiac arrhythmia via wearable sensors. A smart coffee pot can tell when you've slept badly, and make stronger coffee. Sensors embedded in roadways and bridges can warn a car's GPS of traffic jams, so the driver can take another route. But constant connectivity also comes with a price: Any device connected to the internet is vulnerable to snoopers and hackers. "What we've done is blindly assume that [connectivity] is always good," said security expert Josh Corman. "And we're making really horrible, horrible choices."
Why the concern?
First, there's the privacy problem. The more we connect, the more information we feed to electronic eavesdroppers. Take the Apple Watch: In theory, this one device could tell hackers who you are, including your name, address, and credit card details; where you are; whether you're moving or sitting; and where you usually spend your time. The same is true of most smart devices, which collect huge amounts of user data and then relay that personal information back to the device's manufacturers and app designers — who are legally able to sell the data to third parties, such as insurance companies. "Historically, our built world has been relatively inert," says Lee Tien of the Electronic Frontier Foundation. "It's like the TV in your living room — you watch it but it doesn't watch you. That is all changing."
How secure are smart devices?
About 70 percent of these smart gadgets have serious security flaws, according to a 2014 report by HP Security Research. Once hackers break in, they can cause incredible mischief and damage — as a number of security researchers have deliberately set out to show. One group recently hacked into a smart doll called Cayla and made her spout filthy passages from Fifty Shades of Grey. Two other benign hackers remotely broke into a Jeep's internet-connected system, abruptly cutting the car's transmission as it was being driven at 70 mph down the highway. In theory, hackers could make a connected house act as if it had been taken over by poltergeists. "If consumers don't realize this is an issue, they should," says Charlie Miller, one of the hackers.
Do any laws govern the IoT?
Last year, the National Security Telecommunications Advisory Committee warned in a report to President Obama that there was a "small — and rapidly closing — window" to protect smart devices from serious security threats. These threats aren't just home-based, either: Many cities use internet-connected networks to manage their traffic systems and even their air traffic — opening the possibility of a much more devastating hack attack. Rep. Darrell Issa (R-Calif.) has helped launch the Internet of Things Caucus to propose regulations and security practices. The problem, says Issa, is that most senators and congressmen "still don't know what the Internet of Things is."
Is it too late to turn back?
The IoT appears to have taken on an unstoppable momentum. The number of connected devices is projected to soar to 50 billion in the next five years, according to chipmaker Intel, and could be worth a staggering $11.1 trillion by 2025. That will create a massive new need for sound consumer security practices. Today, most people don't bother to protect household smart gadgets with a username and password, even though one weak link can allow hackers to access your whole chain of devices — allowing them not just to burn your toast but also to turn on the spy cameras or even crash your car. "We as a community need to look holistically at all the emerging technologies," warns security specialist Yoshi Kohno of the University of Washington, "and not just say, 'Oh, it's a toaster, it doesn't matter.'"
Hacking into a hospital
Even on the operating table, we're now vulnerable to a hack attack. When Scott Erven was invited to test the internet security at a chain of Midwestern hospitals, he was appalled by how easy it was to break into the hospitals' networks and assume control of their medical devices. Using phishing techniques — or sometimes even simply typing in the username "admin" and the password "1234" — Erven was able to take over sensor-driven surgical robots, morphine drips, and even Bluetooth-connected defibrillators, which he could have used to administer lethal shocks to patients' hearts. Former Vice President Dick Cheney had the wireless capability of his own defibrillator disabled in 2007 to prevent terrorists from doing that to him. Unfortunately, says Erven, that kind of vigilance is rare. "Many hospitals are unaware of the high risk associated with these devices," he says.