IoT devices pose major risk to personal data

Harsh Sinha, vice president of engineering at TransferWise, says IoT devices will be prime targets for hackers

Internet of Things (IoT) devices that contain personal information will be highly attractive to hackers, warned Harsh Sinha, vice president of engineering at TransferWise, speaking at the Computing Internet of Things Business Summit.

Sinha said that IoT devices could actually prove even more valuable to hackers than current targets as they will not only provide access to standard hacker data such as date of birth, email address and so on, but also, potentially, to information of an even more more personal nature.

"IoT devices can have all of this but also much more personal data, such as where you live, what time you come and go from your house. Hackers could even get into your camera monitors and see your family," he said.

He cited the Nest thermostat and the Dropcam as devices that will attract hackers.

Sinha said that adding more devices to home networks will only increase the risk of hackers getting into systems and pilfering data, citing the Target hack as an example of how this happens.

"The Target hack occurred because of malware that was introduced via a computer belonging to a contractor who was working on their heating, ventilation and air conditioning (HVAC) systems.

"The contractor was on the network because Target had installed sensors to check and monitor temperatures across the store, so it was because of the third-party IoT devices on its network that Target got hacked."

He said this situation is compounded by the fact that for most IoT devices security is an afterthought.

"Firms prefer function over security; they just want to get the product out and get people buying it so they are just racing to get it out there."

He added that the lack of security standards for IoT was a major concern, although he praised Apple for putting security requirements into its HomeKit service on iOS devices.