Brands must educate consumers to fend off internet of things hacking fears

It’s tempting to be guiltily amused by the manner and method of last week’s DDOS attack.

Despite being the largest ever attack of its kind – and one that slowed or took down household names such as Netflix, the Guardian, CNN and Twitter – it is also memorable because it involved a botnet made up of unlikely household items such as digital cameras, DVRs, fridges and toasters.

The fact, though, that it was a super connected – and badly secured – collection of unassuming everyday items that caused the infrastructure of the internet itself to disintegrate shouldn’t amuse us at all.

Firstly it should worry us, as individuals, that the digital products and services being blithely linked together for our supposed convenience and betterment can be so easily used against us. The benefits of being able to turn on your heating from the pub are somewhat outweighed by the inconvenience of you not being able to access your bank account from anywhere because your thermostat has risen up against the internet.

Secondly, and as importantly – at least for the readers of The Drum – is the problems such attacks cause brands.

If you are a media brand like the Guardian and your site slowed down or disappeared, it’s very likely you lost ad revenues, and as an advertiser on those sites it is likely you lost impressions, traffic and sales.

If you’re a subscription business like Netflix, you lost the ability to deliver your core services. And all sorts of issues arise if you’re a connected device company like pretty much every UK utility company is striving to be.

I’d argue, however, that these are important but short to mid-term blips, which are quickly alleviated when the attack subsides and the internet recovers and resumes its relentless job of underpinning our lives and livelihoods.

The real issue – and one that creates opportunity and alarm in equal measure – is that of consumers’ relationship with risk when it comes to the digital world.

We understand the perceived risk when we drive our cars, lock up our homes, get on planes or strap on our snowboards. The result of acknowledging that risk, means we – grudgingly – understand the need for insurance and having bought it become less worried about those them. We don’t stop driving because we might one day hit something.

The tangible risks involved in accessing the internet and more specifically connecting every known device to it, are beginning to be understood, but our actual behaviour is yet to catch up. Despite a recent US survey stating that 40% of Americans are not confident that internet of things' devices are safe, the use of default passwords for those same devices is shockingly widespread. In fact, how many of you reading this use the same password for every single digital service and product?

In that same survey more than 50% of US consumers said they would think twice about purchasing an IoT device because of their fears about security.

That statistic should worry us. If our future economic growth depends on brands providing services around connected devices, cars and homes – all delivered by the other supposed tech menace of our times “AI” – then we as the marketing community have some work to do to change

1. Brands who provide connected services need to do the same job e-commerce brands did 10 years ago in explaining the benefits of better online security. Having a 100% secure e-commerce site is pointless if your toaster is an open door to hackers.

2. Brands who already play a role in the data security and personal data space need to widen their gaze and remit and start to explain the necessity of good security best practice around connected devices.

3. Insurance brands have a massive opportunity to explain risks and then create products to mitigate against them. Where is the insurance provider offering to cover against loss of revenue, theft and general inconvenience of an IoT related security breach?

We all need a secure and open internet to live as individual consumers and thrive as commercial entities. Assuming the government isn’t going to step in time soon – they seem rather busy – then it’s brands who can and need to be educators, enforcers and reassures in our connected and complex age.

Lawrence Weber is managing partner of innovation at Karmarama, chair of the IPA BrandTech group and a member of the BIMA executive

Lawrence Weber

Lawrence Weber is managing partner at Karmarama.

All by Lawrence