US Director of National Intelligence James Clapper says that security agencies may use the Internet of Things (IoT) to carry out surveillance programmes in the future.
In a pre-prepared statement as part of the “Worldwide Threat Assessment of the US Intelligence Community,” Clapper made it clear that IoT devices pose a significant threat to cyber-security
“Smart devices incorporated into the electric grid, vehicles—including autonomous vehicles—and household appliances are improving efficiency, energy conservation, and convenience,” he wrote.
“However, security industry analysts have demonstrated that many of these new systems can threaten data privacy, data integrity, or continuity of services. In the future, intelligence services might use the IoT for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.”
IoT, AI and VR
Clapper also identified artificial intelligence (AI) and virtual reality (VR) as other emerging technologies that are set to pose significant challenges to the intelligence community. In all three cases, however, the problem centred on the fact that new devices are being released with little testing and security requirements.
There have already been a number of instances of IoT devices being targeted by hackers to monitor victims or steal information. Early last year, Samsung was criticised after it was discovered that its Smart TVs were recording user activity and voice commands and uploading the data in an unencrypted form. Similarly, a Wi-Fi enabled Barbie doll has also been identified as a potential target for hackers, so whether it’s government authorised surveillance or criminal cyber-attacks, the IoT could certainly improve its security image.
Due to the sheer volume of data collected by the Internet of Things, privacy is often cited as a key issue. However, it is not just IoT manufacturers that must work hard to dispel these concerns. Governments have also been slow to react and will surely look to update compliance standards for connected devices in the not too distant future.