IoT Next Surveillance Frontier, Says US Spy Chief

10 Stupid Moves That Threaten Your Company's Security

Security threats on the growing Internet of Things industry may be looming larger than initially anticipated, with government spy agencies potentially being thrown into the mix, along with cyber-criminals looking to pilfer personal information.

In chilling remarks, US Director of National Intelligence James Clapper told Senate members Tuesday that IoT devices may serve as a conduit for cyberthreats against the US.

"In the future, intelligence services might use the [Internet of Things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials," Clapper is quoted in the Guardian.

However, Clapper did not divulge which, if any, spy agencies may be involved or contemplating such moves, but the possibility gives users another segment of hackers to be wary of. Beyond merely harboring concerns about hackers breaking into IoT devices to pilfer personal information for financial gain, users may be concerned about Big Brother types of breaches.

Security experts, according to the Guardian report, say they believe US and foreign spy agencies will glean information from signals transmitted by these IoT devices, similar to what is done with cell phones.

The IoT is definitely gaining attention as a viable target, so much so that at last year's DEF CON hacker conference an Internet of Things Village was added to the various hacker villages at the event.

To address the security of IoT devices, President Obama's new Cybersecurity National Action Plan, introduced Tuesday, calls for establishing a testing and certification center for IoT devices.

The emergence of zombified IoT devices is expected to be one of the largest security issues in 2016, according to a Dark Reading report. In fact, 2016 is expected to be the year hackers focus on turning IoT devices into the Botnet of Things, the report states.

[Read IoT Shows Its Worth to Businesses.]

In one example of how problematic, and potentially deadly, a hacked IoT device can be, consider the demonstration by famed car hackers Charlie Miller and Chris Valasek. The pair used remote control on a car being driven by a journalist driving a 2014 Chrysler Jeep Cherokee 70 mph on a highway. The pair killed the vehicle's ignition switch and steered it onto an exit ramp, while they sat on a couch 10 miles away.

For those living in smart homes or contemplating getting connected, the fear of being watched while burning dinner may have become a bit more real.

Are you an IT Hero? Do you know someone who is? Submit your entry now for InformationWeek's IT Hero Award. Full details and a submission form can be found here.