Hooking up gadgets to the web promises huge. But security must not be an afterthought
CYBER-SECURITY is now part of all our lives. “Patches” and other security updates arrive for phones, tablets and PCs. Consultants remind us all not to open unknown files or plug unfamiliar memory sticks into our computers. The bosses of some Western firms throw away phones and laptops after they have been to China assuming they have been hacked. And yet, as our special report this week points out, digital walls keep on being breached. Last year more than 800m digital records, such as credit- and debit-card details, were pinched or lost, more than three times as many as in 2012. According to a recent estimate by the Centre for Strategic and International Studies, a think-tank, the cost to the global economy of cybercrime and online industrial espionage stands at 445 billion a year—about as much as the GDP of Austria.
如今，网路安全与我们每个人息息相关。手机、平板电脑以及个人电脑上的各种“补丁”以及其他的安全更新应运而生。安全顾问提醒我们不要打开未知文件或将陌生的记忆棒连接到自己的电脑上。一些西方公司的老板如果在中国遭遇黑客，他们就会将手机跟笔记本电脑扔掉。正如本周的特别报道中指出的，数字墙正遭受着源源不断的攻击。去年，诸如信用卡和借记卡记录在内的超过 800m 的数字文件被删除或丢失，是2012年的三倍之多。据战略和国家问题研究中心—一个智库—最新评估称，全球经济网络犯罪和网络工业间谍活动一年耗资为4450亿美元，将近奥地利的 GDP。
Now a new phase in this contest is emerging: “the internet of things”. This involves embedding miniature computers in objects and connecting them to the internet using wireless technology. Cisco, a technology company, predicts that 50 billion connected devices will be in circulation by the end of the decade, up from 11 billion last year. Web-connected cars and smart appliances in homes are becoming more common, as are medical devices that can be monitored by doctors many miles from their patients. Tech companies are splurging cash: witness Google’s punt on driverless cars and the 3.2 billion it has spent buying Nest, a maker of smart thermostats.
Such connectivity offers many advantages, from being able to adjust your house’s heating when you are in the office to alerting your doctor that your insulin level has risen. But it also gives malicious hackers an easy way to burrow deeper into people’s lives. The small, embedded computers at the centre of the internet of things do not have as much processing power or memory as, say, a smartphone, so security software on them tends to be rudimentary. There have already been instances of nefarious types taking control of webcams, televisions and even a fridge, which was roped into a network of computers pumping out e-mail spam. And security researchers have found ways of hacking into some kinds of medical devices and cars, though this still requires specialist knowledge and kit. The wireless heart monitor of Dick Cheney, America’s former vice-president, was modified to stop remote assassination attempts.
Beware the fridge in Ealing
For the companies building the internet of things, its vulnerability could be costly. The tactic of pumping out new software as fast as possible and then issuing patches later to fix flaws in the code may be tolerable if all that is lost is data, but if it involves personal safety, consumers will be less tolerant. In order to avoid lurid headlines about cars crashing, insulin overdoses and houses burning, tech firms will surely have to embrace higher standards. Just as with computers and phones, there will be more passwords and more updates, though that may make the internet of things less easy to use—a blow for a business based on making life more convenient.
For governments, the temptation will be to panic and do too much. They should make clear that web-connected gadgets are covered by existing safety laws and existing product-liability regimes: last year Japan’s Toyota was successfully sued for installing malfunctioning, but not web-connected, software. Wrongdoers should be punished, but the best prompt for securing the internet of things is competition. Either tech firms will find ways to make web-connected gadgets more dependable, or people will decide they can live without them. Who needs a smart fridge anyway?