My Neighbor Hacked My Toothbrush: The Cybersecurity Implications of IoT

University of Edinburgh Deputy CISO Garry Scobie joins us on the Business of InfoSec Podcast to discuss the implications of IoT on our homes, our cities, and our lives

Smart devices have proliferated rapidly in recent years, from TVs to fridges, front doors, and yes, even toothbrushes. But what are the cybersecurity implications of having so many devices attached to the internet?

In this, the very first episode of the Business of InfoSec Podcast, University of Edinburgh Deputy CISO Garry Scobie joins us to discuss the cybersecurity implications of the internet of things (IoT), and provide advice on how to protect yourself in an increasingly connected world.

“If you think about technology and the rapid increase from where the internet began to where we are today, it’s like night and day. And the explosion in the last five years of connecting homes, what they call smart homes and smart cities, I’m often asked is it inevitable?” Scobie says. “And the answer is yes, it is absolutely inevitable.”

Inviting ‘Big Brother’ Into Your Home

Modern appliances can do many useful things for us. From AI-powered fridges to app-connected kettles, and keyless entry locks.

While internet-connected devices in the home can unquestionably provide many benefits, we may not have fully explored the associated risks. A situation that Scobie compares to George Orwell’s classic novel, ‘1984’.

“George Orwell never foresaw that people would start voluntarily micing up their front rooms for the internet. It’s that type of thing that I think we’re sleep-walking into,” Scobie says. This whole idea that it doesn’t matter what it is, we can connect all these kinds of devices to the internet.”

Once installed, it is very difficult, if not impossible, for consumers to know what information their devices are collecting, to whom it is being sent and what it is being used for.

“In a sense, we are in a surveillance society as it is,” Scobie warns. “But the more things that we connect up in our homes, the bigger the danger in terms of surveillance.”

Keeping Your Devices Safe From Hackers

While many people know about the dangers of webcam hacking on personal computers, they may be less aware of the risks associated with smart devices in the home.

In fact, any connected device has the potential to be hacked. And even something as innocuous as an internet-connected kettle could provide a hacker with an entry-point to your home network.

“Exploits can be discovered on these devices after purchase and then they can become vulnerable. So, if you can’t update the software or the firmware for these devices, you shouldn’t install them,” Scobie recommends.

He continues: “Secondly, I would ask for people to do their homework, read reviews online, check to see what others are saying. Find out if it is collecting data, and if it is, where’s it is being stored and for what purpose.”

One of the biggest dangers is that a smart device might lead to the compromise of your home network and all of the devices on it. For that reason, creating a strong password for your home network is essential.

“Protect your home router. Make sure you change the default passwords, and make sure it’s something strong,” Scobie recommends. “Because that’s the thing that’s sitting between you, the internet, and the bad guys.”

Key Findings

Smart appliances are everywhere. From smart homes to smart cities, internet-connected devices are fast becoming the norm.  

Do your due diligence. Before installing smart devices, make sure you know what data is being collected, and what it will be used for.

Do the basics to protect your home. Make sure to keep internet-connected appliances patched and up to date, and make sure all default passwords have been changed.