The recent leaks from Edward Snowden made it clear that security agencies around the world have theoretical access to most major software, hardware and firmware already. Could future governments set their sights on connected IoT devices such as biomedical implants?
According to a recent article in Computer Weekly, the National Security Agency (NSA) is considering targeting IoT linked medical devices to remotely monitor their international targets.
Is Internet of Things security at risk?
It was discussed during a hearing in the US senate that interconnected devices could be useful “for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials.”
Finding the right balance between national security and personal privacy is always difficult. On the one hand, governments can argue that if you have nothing to hide you have nothing to fear. On the other hand, privacy campaigners will argue that innocent people should not be subject to any kind of covert surveillance whatsoever.
With more and more of our personal data – especially location data – being monitored and stored by our devices there’s an obvious attraction for surveillance agencies getting their hands on it. While it can be difficult to continually stay one step ahead determined hackers, a government agency has significant resources available and simply needs to pass legislation in order to access private data.
As the number of IoT devices explodes, so does the number of vulnerabilities in the security of our personal data. If people discover their smartphone has been tapped, it’s a straightforward matter to replace it. Not so with a biomedical implant.
Manufacturers of IoT devices may soon find their customers demanding far greater levels of security. Using chips that are secure by design and that are capable of implementing multiple methods of security and encryption helps guard the privacy of these customers, now and in the future. Using ‘ethical hackers’ to test products can also go a long way to ensuring devices are secure.