Along with technology evolution, cyber threats are also getting more sophisticated and innovative.
The number of Internet connected devices is growing rapidly and is expected
to reach 50 billion by 2020.
More connected devices mean more attack vectors and more possibilities for hackers to target us.
Threats to the Internet of Things Security
- Attacks against IoT Devices
- Attacks against Communications
- Attacks against the master of Devices
- Botnet in the IoT
Botnets pose a huge risk, for example attacks against critical infrastructure or gaining unsolicited access to company networks. The distribution of malware through a weak link in the chain is another access point for botnets – and can lead to further infected devices within the network. Increasingly this happens without the knowledge of the device owner.
Day to day things like printers, fridges or televisions are often not receiving the same level of security as for example smartphones or laptops, hence they provide easy access to hackers looking for their next chance to launch an attack. A famous example was the attack on the Xbox and PlayStation networks last Christmas, where home wi-fi routers were used to mount the attack. Through the DDoS (Distributed Denial of Service) attack Microsoft and Sony servers couldn’t cope with the amount of traffic, which forced the online services to a halt.
What is being done to secure the IoT?
The silver lining is that IoT security, previously ignored, has now become an issue of high concern, even at the federal government level.
Several measures are already being taken to gap holes and prevent security breaches at the device level, and efforts are being led to tackle major disasters before they come to pass. Such episodes also served as a wakeup call for the entire IoT industry.
For one thing, the gateways that connect IoT devices to company and manufacturer networks need to be secured as well as the devices themselves. IoT devices are always connected and always on. In contrast to human-controlled devices, they go through a one-time authentication process, which can make them perfect sources of infiltration into company networks.
Also of concern are huge repositories where IoT data is being stored, which can become attractive targets for corporate hackers and industrial spies who rely on big data to make profits. In the wake of massive data breaches and data theft cases we’ve seen in recent years, more effort needs to be made to secure IoT-related data to ensure the privacy of consumers and the functionality of businesses and corporations.
The Internet of Things has great potential for the consumer as well as for enterprises, but not without risk. Enterprise security teams should take the initiative now to research security best practices to secure these emerging devices, and be prepared to update risk matrices and security policies as these devices make their way onto enterprise networks to enable machine-to-machine communication, huge data collection and numerous other uses.