Yotam Gutman has filled several operational, technical and business roles at defense, HLS, intelligence and cybersecurity companies. Following a successful consulting career in which he supported multiple cybersecurity startups in marketing and business development activities. He is currently head of global marketing at IoT security company SecuriThings.
Digital Journal caught up with Yotam to discuss safety tips for avoiding and detecting external manipulation of IoT devices, as well as technologies that can help service providers protect their customers from malicious hacking.
Digital Journal: How are IoT devices taking off?
Yotam Gutman: There were about 8.4 billion connected things in 2017, setting the stage for 20.4 billion Internet of Things (IoT) devices to be deployed by 2020, according to analyst firm Gartner. Of the various sectors, consumer IoT is leading with rapid adoption, and by 2019, 1.9 billion smart home devices are expected to be shipped. One recent survey shows that more than two-thirds of consumers are likely to purchase IoT devices for their homes by 2019.
DJ: Will IoT be essential for the smart home concept?
Gutman: It already is. IoT will allow the house to “sense” the environment, tenants and supplies, and act automatically to fulfill our needs. IoT devices will open the windows to allow fresh air in, order food when the supply is running low, start heating our houses before we get back home, and slowly dim the lights when they sense we are ready for bed.
DJ: Are connected devices an ongoing threat to the safety and security of homes?
Gutman: They are. Most device owners are clueless about security and leave the devices with the default credentials, which makes hacking them a breeze. Once they are compromised, perpetrators can access the devices and the data they collect – footage, voice recordings, temperature, etc. There are many recorded cases of such behavior.
DJ: In an unusual side of IoT, how are estranged spouses and exes using IoT devices as tools of domestic abuse?
Gutman: Some IoT devices installed in the home environment are being exploited by people with malicious intentions. The most obvious use is to spy on and record audio and video of people living in the house, to be used later for extortion or revenge (e.g. posting online), as well as for voyeurism. Other connected devices are being controlled for intimidation purposes, with perpetrators ringing the doorbell over and over, continually turning down the air conditioner, turning on the lights in the middle of the night, or unlocking the smart lock to enter the house when the victim is away.
DJ: Are there significant risks from hackers?
Gutman: Absolutely. Hackers can gain access to these devices and use them for similar purposes. They also hack IoT devices to use their computing power for denial-of-service attacks and cryptocurrency mining.
DJ: How can people avoid becoming victims of IoT hackers?
Gutman: Consider the necessity of buying a connected device for your home: If you’re not sure you need it, wait another year or so. If you have one, place it somewhere where it can only record you when you are completely aware of it (the kitchen would be fine; the bedroom, not so much…). Use devices only from known and trusted vendors (this reduces the risk of external hacking) and make sure that upon installation you change the default user name and password. Otherwise, you are being negligent.
DJ: What can be done to boost security and safety?
Gutman: Awareness is key, so people should ask for professional advice when purchasing and installing IoT devices, just as they would with a home alarm system.
DJ: Is regulation needed here or can the sector become self-regulating?
Gutman: Regulation would be welcome. There is so much broken stuff being shipped that some regulations are necessary.
