In 2016, Gartner estimated that 6.4 Billion connected devices would be in use. Plugging all aspects of daily life into the Internet is no longer hypothetical – it is happening on a massive and global scale. But with the Internet of Things (IoT) comes glaring security issues that have yet to be fully addressed.
These are some of the top reasons why connected devices often lead to security breaches.
It happens all the time in the smartphone world. Devices become obsolete and with that cease in manufacturing goes any technical support for those devices. While consumers can still own and use outdated devices, security holes are left un-patched with no help in sight.
Connected car company, Tesla, rolls out new updates every 12-18 months, leaving older models in the dust. This fast pace isn’t uncommon with other connected devices as well.
In turn, consumers are left with an expensive device that could allow hackers a long and leering glance into private information. Hackers (having discovered how quickly IoT devices become obsolete) wait to prey on connected devices that are outdated.
Failure to Update
Another problem with connected devices is that many people do not know how to update firmware. A recent Ubuntu poll showed that 31% of consumers (out of the 2,000 polled) updated devices regularly. Further, 40% of those polled had ever completed a device update.
Why? Most consumers believe that security fixes and updates are the responsibility of device manufacturers.
Neglecting to update software leaves known security flaws intact. It’s easy for hackers to find devices that have not been updated, but hard for either manufacturers or consumers to take responsibility for those updates.
No Real Regulation
When security flaws are detected, companies often scramble to send out a patch for those security holes. When it comes to updating connected devices, few companies have ways to send out a patch for known security issues. The reason why this happens is directly related to cost.
Most connected devices are built offshore from cheap parts. Those parts are manufactured by different companies. The company that fills the demand for a specific part and sells it at the right price wins. Eventually, those devices (and parts) are rebranded and sold under the name of a major manufacturer in North America.
Offshore companies that manufacture parts quickly do not spend any time or money on following-up software with security fixes. It’s simply not worth the expense. What’s more important is mass production – how many devices can be manufactured, shipped, and sold in a short period of time. When a security breach happens, it is nearly impossible to track down someone that can fix the problem. It’s like finding that proverbial needle in a haystack.
Working Towards Improvement
Fixing IoT security is a multifaceted process. Governments have already begun cracking down on tech companies by insisting on security regulations and improvements, but consumers need to do their part, too. Even though manufacturers should provide security support for connected devices, consumers must also update firmware when necessary.
IoT security flaws won’t be fixed overnight. But now that these flaws are known and exposed, both manufacturers and consumers can work towards making connected devices more secure.