Google recently announced a new operating system, a tiny piece of software called Brillo, designed to connect everything to everything else. If you own an Android smartphone, any product loaded with Brillo will immediately appear on your phone. No installation, no setup, just turn on your new oven or household gizmo and it will be a connected device. You can then enter a passcode or, if it is an open device, it will work straight out of the box. Brillo might also provide a mechanism to pay parking fees or to control traffic lights, CCTV and other infrastructure from a smartphone.
This is, of course, part of the much-hyped Internet of Things that is expected to generate worldwide $3.2 trillion (£2.08 trillion) of economic activity annually by 2020 – together with a skills gap of 2 million engineers. The Chinese government alone is reported to be planning to invest more than $600 billion by 2020 in IOT and machine-to-machine technology. The UK has committed to investing £40 million in IOT research.
The expectation is that your kettle, fridge, locks or lawnmower can be fitted with a tiny computer and controlled via the internet. Personally, I can’t imagine why I would want to control my kettle or fridge remotely, but the idea of mowing my lawn from the comfort of an armchair has a lot of attractions.
One concern is that these smart gadgets are harvesting data on our personal activities. For example, LG smart TVs were reported to be tracking their owners’ viewing habits even if they opted out of viewing analysis. Samsung models were listening to all conversations in a room. The reason, it said, was so the voice recognition feature could collect all of the speech in the room, listening out for voice commands telling it to change channels.
This highlights a second concern. Most of the firms making these smart devices have huge experience in TVs and white goods but far less experience of security. They focus on adding more functionality and security is seen as a lower priority.
A third concern is that many of the “things” now being connected to the internet were designed in a pre-internet age and were never expected to share data or be protected against attack by hackers. These include lifts, vending machines and, more worryingly, infrastructure such as traffic control systems, power stations and even space satellites. Yet researchers have reportedly found vulnerabilities in control systems that would allow attackers to crash or hijack the servers controlling electricity substations and water systems across the US.
According to Chatham House, cyberspace is on the brink of an arms race. A few states’ pursuit of cyberwarfare capabilities – including capabilities intended to target the critical infrastructure of other nations – has prompted other states to do the same. In 2014, for example, Russia announced the formation of its own crack “information troops”. At least a dozen countries are now thought to possess cyberwarfare capabilities of an advanced form and a further 60 to 100 countries have acquired some level of cyberwarfare capabilities.
The dangers from our own smart gadgets may in future be the least of our problems.