You used to just have to worry about installing anti-virus software on your computer, and then you were safe (unless you had a Mac, then you were safe from the start). But as malicious hackers have gotten more clever - and, more importantly, as the internet seeps into our daily, physical lives with the emerging "internet of everything" - cybersecurity is going to play an increasing role in our lives. The most recent example is a vulnerable "smart toilet" in Japan. I hope the IT experts are ready for the future.
Information security firm Trustwave issued a warning on August 1 saying that a smart toilet, called the "Satis," made by Japanese manufacturer INAX, has a Bluetooth vulnerability that allows anyone with an Android smartphone and the smart toilet's app can wreak havoc on the connected commode.
"As such, any person using the "My Satis" application can control any Satis toilet. An attacker could simply download the "My Satis" application and use it to cause the toilet to repeatedly flush, raising the water usage and therefore utility cost to its owner," Trustwave's security alert stated. "Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to user." The exact vulnerability is a hard-coded Bluetooth PIN that is set to "0000," which, besides being an obvious code, was successfully reverse-engineered by decompiling the code. The Satis smart toilet, which can cost thousands of dollars, features relaxing music, automatic "direct vortex" flush, automatic toilet seat system, adjustable water pressure and temperature, heated seat with temperature control, warm air dryer, deodorizer, and "advanced glazing technology."
While the idea of a hackable head may sound like good fun, this case of the pirate-able privy is just one sign of security issues to come in the future - seriously.
The future "internet of things," - the intersection and interconnection of devices, vehicles, systems, appliances, and, yes, bathroom fixtures - is an exciting idea. Every time you connect systems together, they become "smart," and you get more and better ways to control them. But, as we've been increasingly seeing, there may be more ways for others to control you.
If that sounds familiar, it's because Lookout security posted a manifesto of sorts about the future of IT security when it cracked Google Glass's security with an open WiFi connection and a QR code - those little square barcodes you see on advertisements. The security company warned that, with more "smart" things to hack, some hackers will find innovative, never-before-seen, ways to hack them:
"The benefits that these intelligent, connected devices bring to our lives are almost too numerous to count. However, when we gift these things with intelligence and senses, we also fundamentally change their very nature. Mundane objects, once familiar in appearance and completely unremarkable from a security perspective, suddenly become the guardians of sensitive data, ranging from sensitive financial information to detailed telemetry about personal aspects of our lives."
According to Phys.org, one of the Black Hat 2013 (cybersecurity and hackers' conference) presentations this year was about invading a person's home without touching it - just using smart devices that are connected and vulnerable to attack. "Once upon a time," said the presentation notes, "a compromise only meant your data was out of your control. Today, it can enable control over the physical world resulting in discomfort, covert audio/video surveillance, physical access or even personal harm."
So whether it's smartglasses or smartwatches, toilets or trucks, the smarter they get, the easier they fall.