• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Housing Technology Main Logo

Housing Technology

Housing | IT | Telecoms | Business | Ecology

  • Free Subscription
  • Contact
  • Home
  • Research
  • Magazine
  • Events
  • Awards
  • Recruitment
  • On Demand
Home / Free Subscriber Access / IoT cybersecurity – Attack vectors, fraud and data breaches

IoT cybersecurity – Attack vectors, fraud and data breaches

Many of us love our smart home technologies, from internet-enabled doorbells to intelligent boiler controls but very few of us really think about the technology that we put in our homes. The cost of a device or platform often plays a key factor in the decision-making process, with popular shopping sites offering numerous cut-price, no-name, smart home devices with features that seemingly offer parity with known brands and market leaders. It’s heart-warming to see that smart IoT devices are now accessible to so many with the ability to transform people’s lives.

However, if every IoT device in your home is viewed as a potential attack vector or as the source of a privacy breach, the picture of your home may be bleak. Imagine if the camera you’ve bought could be accessed illegally by another person, if the boiler controls in your house could be manipulated without your consent or if all smart smoke and carbon-monoxide alarms were maliciously activated remotely.

These may seem like unlikely scenarios more suited to a Hollywood movie but the media is full of examples of companies whose devices have been compromised in such a way, including smart thermostats, wifi-enabled baby monitors, children’s toys and smart doorbells.

Security by design

However, let me also offer you some reassurance. Not all IoT devices or platforms are equal and therefore the risk of a device being compromised is also variable. Some companies design their entire platforms with security in mind to reduce the risk that any single component could be compromised and therefore prevent the device ecosystem from being abused. ‘Security by design’ from the ground up should be a proactive ethos for all technology companies rather than retrospectively adding security to your platform and devices to address security holes.

Common standards

Common standards have long existed for internet-facing components such as websites and web services but IoT is a relatively new area, so the quality of standards has varied greatly. Industry peers have recognised this deficit and have worked together to define standards for the IoT industry as part of recognised bodies such as the IoT Security Foundation. This helps to ensure that there’s a known good starting point for all members, learning from collective experience in this area.

Independent verification and accreditation

The BSI Kitemark for IoT devices was introduced in 2018 and offers consumers further assurance that the security of their devices has been independently assessed by a leading, independent industry body. Very few organisations have achieved this benchmark so including this as part of your procurement specification will give you added confidence that your IoT devices are secure.

Commercial liability

Ensuring an IoT device has a genuine CE mark may seem obvious but it establishes a clear line of responsibility for the manufacturing of devices as well as conformity to established health, safety and standards within the EEA. This standard is often abused and fraudulently represented by cheaper offerings so performing due diligence before procurement to ensure IoT devices adhere to it could be a simple but effective way to reduce risk. The inability to satisfy CE requirements should be a warning sign that other areas, such as security, are likely to have been neglected.

Another risk mitigation measure is to ensure that any IoT vendor you engage with is in full control of their data transmission and processing to prevent ‘man in the middle’ attacks and to ensure that end-to-end commercial liabilities are in place. Some long-range, low-powered IoT devices use non-commercial data processing platforms which present a long-term operational risk as well as a commercial liability risk in the event that the devices or platforms are compromised.

The future of the connected world looks bright and strong cybersecurity is the backbone needed for the IoT landscape to flourish. Simple due diligence will help to ensure that you make smart choices when it comes to device and platform selections.

Simon Flint is the chief information and digital officer at Aico.

See More On:

  • Vendor: Aico
  • Topic: Infrastructure
  • Publication Date: 084 – November 2021
  • Type: Contributed Articles

Primary Sidebar

Most Recent Articles

  • Artificial intelligence in housing
  • Mobysoft – Data problems affecting complaints’ handling
  • Data, AI and private-sector strategies
  • Smart repairs & smarter homes
  • From firewalls to fortresses
  • Achieving three quick wins in AI
  • Rebuilding Selwood Housing’s IT infrastructure
  • Are you ready for organisational AI?
  • PIMSS releases AI Document Reader for compliance
  • Calico Homes cuts arrears with RentSense
  • FourNet launches digital transformation index
  • New income recovery software from Voicescape
  • Asprey Assets at YMCA
  • I love spreadsheets…
  • All watched over by machines of loving grace – AI assistants and adult social care
  • The rent revolution – The case for AI-powered payments
  • Unlocking safer living through data
  • Aareon acquires MIS ActiveH
  • Vericon launches MouldSense
  • Back to the future at Housing Technology 2025
  • FireAngel wins Which? Award
  • Maximising income and preventing homelessness
  • Anchoring digital innovation with Plentific
  • Cynon Taf Community Housing gets Housing Insight’s Arrears Manager
  • Tenants, AI & your biggest compliance risk
  • EDITOR’S NOTES – Data, standards & straight-through processing
  • AI as a social housing expert
  • South Yorkshire Housing halves arrears with Mobysoft
  • Bromford Flagship wins Aico’s smart-home competition
  • Putting VIVID’s customers in control of their tenancies

Footer

Housing Technology Main Logo
  • Instagram
  • LinkedIn
  • YouTube
  • Contact
  • Free Subscription
  • Book an event
  • Research
  • Update Your Subscription
  • Privacy Policy

Welcome to the housing Technology – Trusted Information For Business Professionals in HOusing

Housing Technology is the leading technology information service for the UK housing sector and local governments. We have always believed in the fundamental importance of how the UK’s social housing providers use technology to improve their tenants’ lives.

Subscribe to Housing Technology to gain market-leading research, unsurpassed peer networking opportunities and a greater understanding of your role to transform your business.

Copyright © The Intelligent Business Company 2025 | Terms and Conditions | Privacy Policy
Housing Technology is published by the The Intelligent Business Company. A company with limited liability. Registered in England No. 4958057 | Vat Registion No. 833 0069 55.

Registered Business Address: Hoppingwood Farm, Robin Hood Way, London, SW20 0AB | Telephone: +44 (0) 20 8336 2293