Exploiting the IoT

This year’s Defense One Tech Summit, an annual military technology conference was held last week in Washington DC. The US Secretary of Defense, CEO’s from leading tech companies, and technology scholars came together to discuss important security developments. The agenda at the summit was without a doubt very impressive with many technology leaders speaking. Perhaps the topic that captured the most attention was the NSA expressing interest in exploiting internet-connected biomedical and other smart devices to surveil people of interest and collect foreign intelligence. They are looking to exploit the Internet of Things, meaning devices like wireless pacemakers could be used to monitor its user. When asked about the possible exploit, NSA Deputy Director Richard Ledgett said, “We’re looking at it sort of theoretically from a research point of view right now” and also claiming that it would be “a niche kind of thing … a tool in the toolbox.”

While this is not the first time exploiting IoT has been mentioned, it’s well known that wireless medical devices have many security vulnerabilities. As wearable technology enters the data grid, its increasingly more important that we understand the security risks it potentially poses. Only thinking about it passively could have consequences down the road.