Can IoT devices security and surveillance be considered as a hoax?

The Internet of Things, dubbed as “IoT” as we are all aware of in this digital age !

Now lets talk about the basics of it and the nitty gritty’s.

Statistics and know-how(the basics):-

The IoT is expanding at a rapid rate and is expected to grow over the coming years at a pace which makes previous technology adoptions look insignificant. Predictions are that by 2020 there will be some +20 Billion connected devices worldwide. The IoT promises to connect everything from CCTV cameras, medical devices, smart home products to smart enabled vehicles and many more devices.

The Security explained in a simpler way:-

As far as the security goes it’s quite nascent as of now, keep on reading below as it get more intriguing. There ain’t one single update to upgrade or downgrade the systems firmware. Things can get goofy with hundreds of different architectures, the micro-processors used, the SoC’s(System on Chip) etc. Also these devices always need to be connected and stayed online if not for hundred percent of the time. As the complexity of the architecture increases(which is the given fact as more and more such devices come up in the existing market and the innovation which keeps them driving) the amount of code to be written for devices gets fragmented and there are chances that the updates to be received or made to be pushed never gets to see the light of the day.

Most of the updates/upgrades are unpatched and this leaves it extremely vulnerable to hackers and folks with malicious intent over the internet. The effect as of now might not be that devastating but if not taken care by the user, they might be fatal. Also we need to consider it as a normal digital product, say like a smartphone which need to be kept updated as always like we do over the Wi-Fi most of the time.

The most common form of attacks that could be made are DDos, “Distributed Denial of Service” which can be simple in nature to the most complicated one wherein data of say tera bytes could be flooded in or injected to an IoT device which could make them useless or dead for a given period of time.

Now lets talk about surveillance:-

Take examples of best know IoT home devices like Amazon Echo or Alexa, or Google’s newly launched Hub, and the products like Google Nest, now as per reports these devices which have small form factor and IoT, ofcourse are being used to spy on people by collecting the users data. And yes the big brother is listening. This seems to be like a whiste blowing thing, for the peeps who are unaware of the revelations done by the Edward Snowden about NSA, but don’t get me wrong the reports from Forbes reveals these same things since 2015 from Google when it had acquired Nest to hand over surveillance data to governments and intelligence agencies.
As per facts and figures, After Google’s acquisition of Nest Labs, transparency reports released by the company shows nearly 60 requests for data were received in the first half of this year itself. In fact, the government has sought data for 525 different Nest account holders since 2015.
Another noteworthy point is that the company hasn’t received a National Security Letter yet. NSLs are generally filed by intelligence agencies whenever they are looking for company data.

It all finally boils down to the nation and country, states etc where the laws are made either to be adhered or to be let gone.