Pivoting the fraud conversation to IOT devices and the future of hackable technology

Supported By:

Net Patrol International Inc.  Data Investigation and Forensic Services
Bankruptcy and Insolvency Trustees

Last week we wrote about the changing technological landscape of fraud. Moreover, we wrote about the necessary conversation that we should be having about defining and interacting with the ecosystem attached to fraud. An interesting thing about technology in the context of this ecosystem is just how malleable and interchangeable the conversations can be. One day we’re discussing the slew of recent data breaches (read our story on Imgur here) with the following day dedicated to different historical constructs fraud is found in.

Here we’re pivoting the conversation to the Internet of Things or IOT for short. It’s a term that’s been kicked around the cybersecurity community for some time now, but just recently broke through the mainstream with the massive router breach that was reported on earlier this year. The concept of IOT and compatible devices is very simple and has been around for years: essentially everything we use on a regular basis already or is going to be hooked up to the internet.

The word “smart,” has been essentially co-opted for this type of technology and is fast becoming the most annoying buzzword of all time. Smart garage controller, smart shoes, smart workout clothes, smart medical alert watches, smart Lego even. The concept of IOT is quickly being adapted and applied to consumer culture, allowing companies to datamine even further into the habits of their customer base from regular everyday devices, selling you a shiny new toy that knows everything about you. For example, there are barbeque grills that will text you when it’s time to flip whatever you’re cooking.

While IOT devices sound tantalizing on paper, the fraudulent possibilities are quite scary once you look a little closer. There’s certainly a discussion to be had about whether or not we actually need or are even ready for this technology (of course we don’t and I don’t think we are) but that’s another rabbit hole to dive down another day. The most important aspect of this discussion for everyone at Canadian Fraud News is how the world of fraud applies to this new burgeoning technology. Part of this fraud stems from consumer apathy as to what lies behind the shiny new toy. We assume that the people responsible for making the product are also responsible enough to provide adequate security protections. But as it was with Equifax where the flaw in the system was known about for months, it’s not always the case.

No matter how safe and secure companies report their technology to be, the room for identity theft and even financial extortion via your devices is not something of the future, but a very real possibility. We’ve seen new technology meld into the standard way of doing things, with ATM bitcoin machines. Combining old and new is great, but we’ve also reported on fraudulent practices with this same technology. Even then, we don’t have time to get used to new pieces of tech that are introduced to the market before new products are being touted as the latest and greatest thing. A great example of this is the statistic that between now and 2021 the number of consumer-owned IOT devices is expected to increase by 60 per cent, according to IDC Canada.

Reported cases of Amazon’s Alexa technology listening in on conversations is old news. The ability to hack into baby monitors? Accomplished. And don’t even get me started about laptop cameras. We’ve essentially traded convenience and ease-of-use for privacy and security. The hit British TV show Black Mirror is no longer something to laugh at and I truly think we should be more concerned than we are.

In these scenarios, it’s not about understanding fraudulent activity, because fraud is quantifiable. The bigger problem here is the infrastructure that allows fraudulent activity to create an ecosystem it can easily manipulate. If you look at fraud in this sense, it’s whack-a-mole with short-term security solutions everytime a new piece of tech is introduced to the consumer market. Instead of having rock-solid security stability from the beginning, an apology is given after the inevitable hack and then solutions are put in place, seemingly quaffing any notion of further security risk – which is not how it works at all.

It’s not enough to be diligent about how you use the internet when you literally can’t escape it. We have to try and reframe how we view fraud and the fast-paced nature of technology because no one will ever raise concerns unless the questions are asked by those who matter most: You the consumer with a barbeque that can text you. We cannot be complacent in thinking that those who create the things we use every day will be diligent enough to protect them.

Read our latest Canadian Fraud Original here.