Websites like Twitter, Netflix and Paypal have become the essential building blocks of digital life. So last week, when service to those and other popular sites was temporarily interrupted, life for many came to a standstill, the virtual equivalent of the Mississippi River freezing over.
It didn't take long for the company at the center of the attack to resolve the problems, but the fact that the "botnet" responsible gained entry through connected home devices set off a fresh round of alarms about security in the Internet of Things era. "Massive cyberattack turned ordinary devices into weapons," screamed a CNN headline.
My first inclination is to direct my best Ronald Reagan -- "There you go again" -- at all the press who've jumped on the connected-home-as-Pandora's-box bandwagon. For tech writers, the topic of IoT security is a virtual job-security blanket, all soft and comfy because it guarantees stories that are sure to attract clicks. People need to know if their lives might someday imitate art, with their appliances rising up against them like an episode from "Futurama."
But I'm not going to pick on them this time, because it's the media's job to alert the public to potential perils in the most simplistic and alarmist way possible.
Equally, it's the prerogative of knuckleheads inclined to tinfoil-hat thinking to imagine the worst: That there are people out there trying to read their thoughts and infiltrate their kitchen cupboards, and that all the information gleaned from connected devices will end up in the underground lair of an evildoer, to be used against them.
But despite the fear-stoking quality of most news reports on the subject, and the irrational fears of an irrational subset, connected-home security is a very real concern, and it's one that our company takes very seriously.
Last week's hack reached the magnitude it did because manufacturers didn't build in the necessary safeguards, essentially leaving the back door open for bad guys to walk in. And with no real requirements that the supply chain must meet, it's left to the companies that make and sell products to make sure those products are secure. Even the best customer-generated password doesn't help when the back door has a password no customer could change.
But consumers share some responsibility, too. They need to be smart about the products they're purchasing and the companies that stand behind them.
At Big Ass Solutions, we do our best to make sure our products aren't hacked. We require that every product be connected to a secure WPA2 network. It upsets some people who prefer an unsecured network, but it's important. We also keep an eagle eye on our vendors -- and of course, our products work fine without the Internet, too.
But we recognize that it's essentially an arms race between well-intentioned manufacturers and mayhem-minded hackers, 400 lbs. and otherwise. As connected devices become part of more people's lives, hackers will devise new ways to thwart the safeguards, and companies will adapt. In the wake of recent breaches, there's been a renewed call for some kind of government regulation in the industry, and we would welcome any sensible efforts in that direction and want to be involved.
Among the many things this election season has shown us -- and I'm almost growing misty-eyed at the thought it will soon be over -- is that anything can be hacked. As someone who crouched under a school desk while the Cuban Missile Crisis raged, that thought certainly gives me pause. But the dangers related to the Internet of Things are no different and probably even less than many other threats we accept and live with every day. People need to be diligent about connected-home safety, but certainly not paranoid, and companies in the connected-home business need to take every measure possible to safeguard customers' security or else get out of the house.