In a 2012 episode of the TV series Homeland, Vice President William Walden is assassinated by a terrorist who hacks into his Internet-enabled heart pacemaker and accelerates his heartbeat until he has a heart attack. A flight of fancy? Not everyone thinks so.

Internet security experts have been warning for years that such devices are open to both data theft and remote control by a hacker. In 2007, Vice President Dick Cheney’s cardiologist disabled the wireless functionality of his pacemaker because of just that risk. “It seemed to me to be a bad idea for the vice president to have a device that maybe somebody on a rope line or in the next hotel room or downstairs might be able to get into—hack into,” said the cardiologist, Jonathan Reiner of George Washington University Hospital in Washington, D.C., in a TV interview last year.

Medical devices such as insulin pumps, continuous glucose monitors, and pacemakers or defibrillators have become increasingly small and wearable in recent years. They often connect with a hand-held controller over short distances using Bluetooth. Often, either the controller or the device itself is connected to the Internet by means of Wi-Fi so that data can be sent directly to clinicians. But security experts have demonstrated that with easily available hardware, a user manual, and the device’s PIN number, they can take control of a device or monitor the data it sends.

Medical devices don’t get regular security updates, like smart phones and computers, because changes to their software could require recertification by regulators like the U.S. Food and Drug Administration (FDA). And FDA has focused on reliability, user safety, and ease of use—not on protecting against malicious attacks.

Imagine a fleet of quad copters or drones equipped with explosives and controlled by terrorists. Or someone who hacks into a connected insulin pump and changes the settings in a lethal way. Or maybe the hacker who accesses a building’s furnace and thermostat controls and runs the furnace full bore until a fire is started.

Those may all sound like plot material for a James Bond movie, but there are security experts who now believe, as does Jeff Williams, CTO of Contrast Security, that “the Internet of Things will kill someone.”

Williams, whose firm provides application security, doesn’t know exactly how IoT might be used to kill someone or what device will be implicated in the nefarious scheme, but considers it a certainty that a connected device will play a role in a murder.

Similarly, Rashmi Knowles, chief security architect at RSA, said something similar in a recent blog post, imagining criminals hacking into medical devices and starting “a complete new economy” by blackmailing victims.

“Question is, when is the first murder?” wrote Knowles.

Today, there is a new “rush to connect things” and “it is leading to very sloppy engineering from a security perspective, which makes … internet of things devices very attackable — the way web applications were 10 years ago,” said Williams.

Security shortcomings in new cars could nurture a new branch of the infosec industry in much the same way that Windows’ security failings gave rise to the antivirus industry 20 or so years ago, auto-security pioneers hope.

Former members of Unit 8200, the signals intelligence unit of the Israel Defense Forces, have banded together to create a start-up developing technology and services designed to protect connected cars from next generation hackers.

Car thieves are already taking advantage of electronic car entry and ignition systems to steal cars. Recent reports suggest that insurers are refusing cover for keyless Range Rovers in London following the rise of targeted attacks on keyless cars.

But there’s also a more subtle and less immediate hacker threat.

Connected cars lay the groundwork for the introduction of new features, such as navigation by points of interest, music and video streaming, and also remote control of the vehicle via products and services such as GM’s OnStar and BMW’s ConnectedDrive.

All of this extra internet-connected technology increases the number of way malicious parties might be able to hack potentially vulnerable vehicles.

Once inside, an attacker can utilise the vehicle’s internal communication bus and take control of additional modules inside the vehicle, including safety-critical systems like the ABS and engine ECUs (electronic computing units, the embedded computing systems in cars), according to Argus.