In the 1980’s it was found that electronic equipment such as computers and control systems could be remotely monitored and in some cases it was found to be possible to digitally eavesdrop using fairly crude-but-effective receivers.
At the same time methods were developed to block or “jam” signals and render systems inoperable.
In the military sphere there was a mini revolution and programs were put into place to make sure such risks were minimized and ideally eliminated. The practices used for the military soon spread into the industrial and commercial sectors as computers and digital systems became commonplace. At that time most “systems” tended to be isolated from other systems and services, and intra-system data was relatively easy to protect.
However, today there is an ever-growing need to connect everything up and to network across systems. As such, the Internet of Things (IoT) has changed our perception of what is considered to be “secure”.
In simple terms, no matter how secure the data channels are considered to be, once devices are connected up to a common access point (e.g. the internet) then it will be possible, although not easy by any means, to access data and potentially “hack” the components of the system.
Consider the case of a credit card with embedded chip. In isolation (i.e. not connected to a reader and the internet) it is pretty much secure so long as you keep it in your pocket. However, once inserted into a card reader, which is in turn connected to a network, then how can you be sure your data is secure? Whilst banks and payment schemes go to extremes to make sure their systems are secure there will always be some degree of risk, although it has to said in this case the risk really is very small.
Some also consider a more insidious risk to be that arising from the mining of “big data”. For example if an individual has all of their personal electronic equipment, including cars, computers, mobile telephones, home automation systems and electrical appliances connected together via the internet, then it is possible to electronically build a profile of that person and their lives. This information could then be put to use for nefarious purposes. How do we harness the benefits of the IoT whilst minimizing the risk of security breach?