IoT Devices – Smarter but Vulnerable

Internet of things (IoT) world map with connected devices

Did you ever think that there would be a time when you wake up from bed on a blissful Saturday morning and go, “I really ought to secure my toaster”? Of course you didn’t, it’s a toaster, and what would you do? Zip-tie it to your cabinet? But, that’s not the kind of secure I mean – I’m talking about cyber security. With our endless need to make chores smarter and tasks faster, we’ve turned to the aid of technology to make the mundane activities less painful and more efficient. The answer to this was ‘Smart’ devices which can perform their tasks without human intervention. A lot of this is made possible thanks to the Internet of Things, hooking up everyday conventional objects to the internet. They talk to each other and they talk to themselves – your toast never gets burnt again! But unbeknownst to you, your toaster could be leaking your private and sensitive data to the outside world.

Application and Device Security

Smart Devices and Application Security is not really a thing, but lately there has been a rude awakening for its need Whereas computers come with firewalls and antiviruses and a million other security measures, unfortunately this is not the case with most smart devices.

Smart devices need to be connected to a network in order to be smart, and hackers can use these devices to gain access to your network. IoT devices essentially act as different avenues of attack. This is a result of thousands of devices being made with no real security standards. There has been a rise in the number of hacks and cyber-attacks faced by companies every year, but despite that, there has been little to no focus on the security of devices. This situation is similar to what the computer industry underwent about twenty years ago – the generalization of a new technology too soon too fast with little thought about security.

Wake up Call

Ever since 2016, Mirai IoT botnets[1] have been wreaking havoc and disrupting companies. These threats, such as botnets and hackers are constantly evolving. Each iteration is better than the last at identifying, exposing and exploiting vulnerabilities, this along with the legion of unsecure IoT devices is a recipe for cyber security disaster. It is high time that Application and Device Security gets a spotlight on it. Back in 2013, Gartner predicted that IoT will be implemented in 26 billion units by 2020[2]. But now, ABI estimates that over 40 billion[3] devices will be using IoT technology by 2020.

This is a huge difference from what was previously predicted, and 2020 is merely a stone’s throw away. Just earlier last year, we had a fish tank[4] that leaked the data of an American casino. Hackers can use these IoT devices to do a number of things from stealing data to performing a denial of service attack (DDoS). A cyberattack can harm businesses in more ways than one, even now people are apprehensive of using the Playstation Network from the time Sony lost personal and sensitive data of over 77 million users[5]. Apart from the physical, or in this case virtual damage received, it can be equally harder to recover from a damage to reputation.

Crisis Aversion

There are two ways we can attribute for the current situation we find ourselves in. One, is that there is no real incentive for manufacturers to factor in security when making the goods. And two, is that the user should have taken measures to ensure that their network is air tight and risk free. Whichever way you look at it, we still need a solution. At present, there is no regulatory body or certification board that forces suppliers to ensure optimal device security. We can possibly explore a future where manufactures are required to have security measures in place and market them as part of the features of the product.

We should also ensure that the best practice is carried out when it comes to cyber security. Running penetration tests can help identify any possible vulnerabilities and then take measures to combat it. This can ensure that even if there is a slip up from the supplier’s side, you are still secure on your front and are capable to fend off any threats. Your devices should be adding in security, not vulnerabilities – always prefer a device that comes with built-in security competences. Nothing is a 100% secure in today’s world but with the right measures in place and meticulous network management, the risks can be accounted for and effectively mitigated.

References

  1. ^ Device wars: Researchers track new IoT botnet DDoS attacks. (n.d.). 
  2. ^ Gartner Says the Internet of Things Installed Base Will Grow to 26 Billion Units By 2020. (n.d.). 
  3. ^ The IoT effect: 40.9 billion wireless connected devices by 2020. (2014, August 27).
  4. ^ Hackers attempted to steal data from a North American casino through a fish tank connected to the internet. (n.d.)
  5. ^ Quinn, B., & Arthur, C. (2011, April 26). PlayStation Network hackers access data of 77 million users.

About Author

goraceit technologies

Goraceit Technologies Ltd is an independent Consultancy specializing in Information and Communication Technologies (ICT) and related solutions. The mission of the company is to provide customers with predictable, business-focused IT services that optimizes operations, manages risk, and delivers measurable business value to them. Reach out to us, and let us add value to your business.

Post your comment

Your email address will not be published. Required fields are marked *