A report from Gartner, Inc. predicts that by the year 2020 there will be 25 billion connected devices in use. This year alone, connected devices in use are expected to reach 4.9 billion. These connected things include smart home automation devices and other consumer connected products, such as smartwatches and health trackers, connected vehicles, and smart infrastructure used in smart buildings and cities.

Connected devices are supposed to make life easier, automate tasks, and even help reduce consumption of utilities. But do you really sleep much better knowing that almost everything in your life could be monitored and controlled using a smartphone, especially with hackers just waiting for the right time to attack?

There are various reasons why people hack, including monetary gain, access to top secret information, or even to prove a point that a system is fallible. So why do we want everything to be connected to the Internet when we know that hackers are going to be here as long as there is something that connects to the Internet?

Things that should never have been connected to the Internet

Medical devices

In 2011, security researcher Jay Radcliffe revealed that medical devices, such as an insulin pump, can be hacked and the attacker can alter the dosage and schedule of the insulin release. What’s even more alarming is that even pacemakers can be hacked, and the attacker can perform a mass murder with the use of a code. The Food and Drug Administration (FDA) even issued a warning that medicine infusion pumps are vulnerable to attacks. Despite these vulnerabilities being discovered years ago, not much seems to have changed.

Drip. by Instant Vantage on 2013-07-09 16:06:13

During the hacker conference DerbyCon, security researchers Scott Erven and Mark Collao revealed that thousand of critical medical systems, which include MRI machines, X-ray machines and more, are sitting ducks for hackers. The researchers used Shodan, a search engine for Internet-connected devices to find exposed software, and they discovered “misconfigurations and direct attack vectors.”

In some cases, medical devices were infected with malware that moved laterally in the network to find vulnerable computers and steal data. Erven and Collao also ran fake medical machines and discovered numerous attempts to hack the devices or even download malware.

Hackers getting into medical data is quite terrifying, as they could easily alter patients’ records. Allergy information, blood type, medications being taken, medical history — this information when altered or removed from a patient’s record could be fatal.

Semi-trailer trucks

Earlier this year, a driver caught on video a careening semi on the New Jersey Turnpike that almost hit him. The cause of the accident was black ice, the sheet of thin ice on asphalt that makes it very slippery. If nature can do is, imagine what hackers can do when they can control a huge truck?

Semi in 7 wide by psiaki on 2008-08-20 11:34:47

Daimler AG was awarded a license to test its Freightliner Inspiration truck, a Level 3 autonomous vehicle, by the National Highway Traffic Safety Administration (NHTSA) standards, on public roads. Level 3 means a driver is always available to take control of the vehicle and that autonomous functionality is limited. According to reports, the truck uses radar sensors, cameras, and servo motors to detect objects and lane markings around the truck, and a button on the steering wheel needs to be pushed to activate a system called Highway Pilot, which includes steering, braking and accelerating. Though it’s not clear if the Freightliner Inspiration connects to the Internet, I’m assuming it does because of the vehicle’s dashboard that is in the form of a tablet, which means there is a way for hackers to get into the car’s system. If braking and accelerating can be done autonomously, then it can likely be controlled by a hacker. Just imagine what would happen if it gets hacked, like this Jeep did (click here). An 18-wheeler just stopping in the middle of a freeway? Disaster.

Daimler has brought its self-driving truck to the Autobahn, Germany’s famous highway system, to further its testing of the vehicle in various driving conditions.

When it comes to self-driving vehicles, we have more than hackers to worry about. Back in 2007, the Defense Advanced Research Project Agency (DARPA) held the DARPA Grand Challenge, which aimed to discover the best self-driving vehicle. DARPA aims to use this type of vehicle in the field to avoid sending soldiers in hostile areas. The self-driving vehicles, at that time referred to as robots, used lasers, GPS, sensors and other technologies to be able to obey traffic regulations, avoid other vehicles on the road, and make real-time decisions based on actions of other vehicles on the road.

The winner of the challenge was Tartan Racing, a collaborative project between Carnegie Mellon University and General Motors Corp. Despite the success of the event, the race proved that machines do fail. During the race a number of contestants were disqualified because they collided with other vehicles, crashed into a building, or froze in the middle of an intersection or traffic entrance. It was not clear what caused these collisions or freezing, but it’s most probably due to an error in the software. Something like this could likely happen in connected vehicles. Just think of how “buggy” new operating systems for computers and mobile devices are, and you’ll understand what troubles a connected vehicle could face.

Despite the hazards of a runaway massive vehicle, you can’t really blame Daimler for wanting to automate semis. Just take a look at GE Transportation, which has dabbled in auto-pilot control systems for locomotives with its Trip Optimizer, which results in optimized networks, minimized downtime and reduced operating costs.

Weapons

Sniper rifle training [Image 3 of 6] by DVIDSHUB on 2012-02-11 00:22:57

Security researchers Runa Sandvik and Michael Auger revealed that hackers can compromise a TrackingPoint TP750 rifle via its Wi-Fi connections. A hacker can mess with the scope’s calculations so the shooter misses the target or shoots a different target. The hacker can also disable the scope’s computer or even prevent the weapon from firing. The shooter would not even know that the rifle had been hacked. Hunting season could end badly.

Photo by kennethkonica