NEW YORK (MainStreet) Daily seemingly tens of thousands more devices - from industrial turbines to home espresso makers and bathroom scales - connect to the Internet, and then there is the dark side of this growing "Internet of Things," as it's called. "You can murder people by turning off their insulin pump, by flipping this car over, by hacking into their home security system and starting a fire--all very doable," said Rod Rasmussen, president of IID, an Internet security company.
He acknowledged that to do any of that might require high levels of skill. But that skill, he suggested, is becoming commonplace, which is why IID now solemnly makes the following prediction: "Due to the 'Internet of Things,' where virtually everything electronic is conveniently connected to the Internet, malicious hackers will take advantage by burning houses down remotely and/or remotely turning off security systems to allow burglars inside."
Stay tuned, because IID now is saying we will see such occurrences before 2015.
Hyperbole? Maybe not, suggest a number of security experts surveyed for this story.
That is because, in the rush to create "smart" appliances -- everything from televisions that grab programs via WiFi to refrigerators that know to ping you when milk needs replenishing - "we forgot one thing," said Rasmussen. "We did not build in security."
Said Joseph Steinberg, CEO at security company Green Armor Solutions: "While some doomsday predictions may seem like plots from science fiction movies rather than real threats, the reality is that evildoers can wreck tremendous havoc via the Internet, causing far more damage and loss of life than many people would expect."
"A great commonality in security is people don't take it seriously until something really bad happens," said Nick Levay, chief security officer at Bit9, a security company. For his part, Levay is convinced it is just a matter of probably short time before those bad things in fact begin to happen in numbers.
Fact: talk with security pros, and many shun connected appliances. Rasmussen, for instance, proudly noted that he drives a 17-year-old car with none of the high tech bling and, therefore, no hacker can seize control of it as Rasmussen speeds down the highway.
Chris Wysopal, CTO at security company Veracode, is of a similar mindset. "I have shied away from connecting my home to the Internet," he said. "That technology is still in version 1.0 and that means there are risks."
Wysopal pointed to the home security systems - you have seen the TV ads - where a customer calls up an app on his smartphone to doublecheck his home's doors are locked, windows are closed, and that the stove is off.
All that is great, suggested Wysopal, but if the consumer can do it with a few clicks on an iPhone, guess what a hacker could do with a similar few clicks.
He indicated that in some device categories - Wysopal pointed to automobiles - manufacturers saw the same hacker horror stories security professionals saw and many of them have begun to take this seriously and respond with safeguards.
But many other device categories, suggested Wysopal, cannot say the same.
Many medical devices, said the experts, may be necessary for the user to live, but many also are set to default passwords that are easy to find in documentation that is readily available on the Internet. Hack into a victim's pacemaker, and how hard would it be to cause a catastrophic event that probably would look exactly like a heart attack?
Another problem with Internet ready consumer devices: many have not made it at all easy for consumers to find and apply security patches, said Kevin Haley, director for the Security,Technology and Response team at Norton by Symantec. He pointed to the ease with which patches are applied to the operating systems of smartphones and computers - whereas with connected home appliances no obvious thought was given to exactly how consumers would retrieve and instal patches, even when they are known to be needed.
Even so, Haley shrugged, hacks of the Internet of things today are still more talked about than actually done. Except he did not see this as news that means stop worrying. That is because he knows exactly when this will become a problem that really worries many of us.
"When this will get serious is when the hackers figure out how to monetize this," said Haley.
That day, he suggested, may be coming, sooner than you expect.
If it is freezing outside tonight and your furnace snaps off...and then a text message pops up on your phone with an offer to turn the furnace back on for a Bitcoin transfer of $1,000, what would you do?
"When the bad guys figure out how to monetize this, we'll be in real trouble," said Haley.
--Written by Robert McGarvey for MainStreet