Companies in the oil, gas and utilities sectors have relied on digitally connected equipment for a long time, but recently, the so-called “Internet of Things” (IoT) has become the source of cyber security concerns.
What is the Internet of Things?
If you think about the many different ways to connect to the internet, the first devices that spring to mind are probably computers, tablets and mobile phones. But these days, a huge range of objects are also embedded with the electronics necessary to go online.
At home, you’ll find that your TV is probably capable of connecting to the internet, while games consoles, your thermostat and even your refrigerator might be capable of connecting to the web.
The technology has also made it to the professional realm. For example, measuring and monitoring equipment is often connected to the IoT, making it easy to gather data from distant locations.
What’s more, in the near future, virtually every energy consumer will have a smart meter installed to monitor gas and electricity usage. Recent research from BI Intelligence found that smart meter uptake will reach 454 million units globally in 2015, and that number is likely to double by 2020, making it a leading IoT device.
Information gleaned from smart meters should help individuals make better choices about how they use energy, while suppliers will enjoy benefits such as more accurate billing and an improved understanding of how and when energy is used.
What are the risks?
While there are plenty of benefits of having devices connected to the internet, there are also security risks that need to be addressed.
Earlier this year, it was revealed that smart meters widely used in Spain could be easily hacked – and this led to concerns about data protection and privacy.
In fact, anything that’s connected to the internet could be a potential target for hackers. Even children’s toys are not immune from the problem. In November, the Guardian reported on a Wi-Fi enabled Barbie doll that could be turned into surveillance device without the owner’s knowledge.
US security researcher Matt Jakubowski told NBC that when connected to Wi-Fi, the doll was vulnerable to hacking and outsiders could access the doll’s system information, account information and stored audio files. They also had direct access to the microphone.
“You can take that information and find out a person’s house or business. It’s just a matter of time until we are able to replace their servers with ours and have her say anything we want,” he added.
What to do?
The lesson to be learned is that, whether you’re a home user, an energy company, a toy supplier or any other business planning to use the IoT, the risks to data privacy and security need to be taken into account.
Take time to identify all of the people, processes and technologies involved and consider the ways a cyber attack could play out. Also, make sure the devices and their connections are tamperproof. Carrying out a full risk assessment can help you to determine if the technology is appropriate for your purposes and help you spot any weaknesses.
To find out more about JCAD’s risk management software, and how it can help mitigate risk in the utilities sector, contact us today.