Internet of Things: Cyber Security Threats In 2020

The future of Internet of Things (IoT) is has arrived.  IoT applications have been widely adopted in many fields of industry, including  healthcare, energy and industrial automation. While enjoying the convenience and efficiency that IoT brings to us, new threats from IoT also have emerged.

 IoT devices are meant to work in concert for people at home, in industry, or in the enterprise, however they also allow criminal hackers easy ways into your computer systems.

IoT devices are designed to connect wirelessly to any network and can both recieve and transmit data. These devices can communicate and interact over the Internet, they can be remotely monitored and controlled and they can also be attacked.

IoT Spend
And as IoT spending will probably reach $745 billion in 2019 and surpass the $1 trillion mark in 2022. That’s a 15 percent increase over 2018’s $646 billion. And according to some estimates, the US and China will be spending the most at $194 billion and $182 billion, respectively. They are followed by Japan, Germany, Korea, France, and the UK.  

Cyber Burglars
And so just as a current burglar looks increase in potential targets for the same weak point in a home as criminal burglars did a hundred years ago, such as an unlocked backdoor, open window, hackers have the same mindset to note an increase in potential targets and then to identify a weakness in the system, exploit, rinse and repeat. 

Until very recently this meant a limited number of vulnerable points of access, computers were protected by anti-virus software, and modems had complex inbuilt security measures. But as technology has advanced, and additional connected devices are being added, the “attack surface” has continued to expand. 

Smart home devices offer more access points than ever before, wireless lights, thermostats, home security sensors, intelligent streetlights, smart meters and many more. These millions of sensors and devices present a great opportunity for hackers and a great vulnerability to everyonel.

The Internet of Things allows us to carry out activities far easier and faster than ever before. But as the landscape develops, we must ensure that it does not present bad actors with a backdoor into our lives. 

Privacy and Security is a Serious Problem
Devices are collecting ever-increasing amounts of information. This might be as basic as the IP addresses our IoT devices communicate with to the state of our health. With the advent of 5G, even more data will be collected, stored and shared across devices and platforms. Without proper security measures in place, every piece of data we generate, whether intentionally or passively, will be open for identify theft, financial gain, and potentially even damaging to our health. 

Merging Physical and Cyber Security 
We are beginning to see technologies physical and cyber becoming entwine. By merging physical and cyber, with bi-directional feedback between the domains we’re able to gain greater insights into behavior patterns, which allow us to continually innovate products and provide better endpoint security. There are practical use-cases that prove the benefit of combing the physical and cyber on one platform. For example, when abnormal behavior or an attempted intrusion is detected on the network, a monitored alarm system can automatically arm itself in expectation of a potential burglary. Now,if an attempt is made to access the home network onsite during a time that the IoT/alarm system does not expect someone to be at home then an alarm can be raised. The same monitoring center that monitors burglary alerts can learn to deal with cyber alerts, but you must ensure that this happens.

IT Professionals have New Concerns
The more devices become ubiquitous within organisations, the higher the risk. Securing IoT networks from attack is essential but is full of significant challenges. Many modern IoT devices lack the power and sophistication required to support traditional security measures. 

The strongest IoT network is only as strong as its weakest link. A single point of failure can enable multiple points of attack.  IoT Threat can be classified into 4 types:

  • Denial of Service (DoS) – This threat denies or prevents user’s resource on a network by introducing useless or unwanted traffic
  •  Malware – Attackers use executable code to disrupt devices on the IoT network. They may gather sensitive information, or gain unauthorized access to the devices. The attacker can take advantage of flaws in the firmware running on the devices and run their software to disrupt the IoT architecture.
  • Data breaches – This is a security incident where sensitive, protected or confidential data is retrieved from the network. Attackers can spoof ARP packets to listen on the communication between peers on the network.
  •  Weakening Perimeters – IoT network devices are currently not designed considering the pervasive security. Network security mechanisms are not often present in the devices making the network a vulnerable one for threats 

Shortage of Cyber Experts Continues
Most cyber security ecosystems are developing a variety of cyber solutions by collecting vast amounts of information from the network and endpoint devices in order to detect untrustworthy malicious activity in the IoT network. Even with AI as part of the decision-making process, a human eye is still needed but, the shortage of cyber training resulting in fewer experts is increasing.

This drives most IoT service providers to give up, creating the need for a SOC-less solution. 2020 will see the rise of alternative security solutions, such as our SigmaDots technology, dramatically decreasing the need for a SOC service by enabling a self-protected ability to block most of the attack methods and vulnerabilities that hackers are using to attack IoT networks.

With technology permeating into more and more aspects of our lives, we must begin thinking about securing our smart devices with the same (or even more) seriousness as we do leaving our front doors unlocked, or our wallets unattended. 
 

Techradar:         ZScaler:         Arvix 1:         Arvix 2


You mIght Also Read:

Easy Cyber Knowldege Ch.4 The Internet of Things (£):

Manufacturing And The Industrial IoT:

« Australian Parliament Hacked
British Elections: The Parties Manifestos On Cyber »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Sophos

Sophos

Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyberthreats.

AVG Technologies

AVG Technologies

AVG is focused on providing home and business computer users with the most comprehensive and proactive protection against computer security threats.

Marvell Technology Group

Marvell Technology Group

Marvell is a semiconductor company providing solutions for storage, processing, networking, security and connectivity.

Blaze Information Security

Blaze Information Security

Blaze Information Security is a privately held, independent information security firm born from years of combined experience and international presence.

Bright Machines

Bright Machines

Bright Machines delivers intelligent, software-defined manufacturing by bringing together our flexible factory robots with intelligent software, production data and machine learning.

Google for Startups

Google for Startups

Google for Startups is Google’s initiative to help startups thrive across every corner of the world.

Pioneer Search

Pioneer Search

Pioneer Search is a UK based Technology & Change, Electronics Engineering, Cyber Security & Cloud and Data & Analytics Employment Agency.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Cygenta

Cygenta

Cygenta brings a new approach to cybersecurity. We understand that true security means having digital, human and physical security working in harmony.

Team Secure

Team Secure

Team Secure provide Enterprise-grade Cyber Security consultancy, managed security services and cyber security staffing services.

Accedian

Accedian

Accedian is a leader in performance analytics and end user experience solutions, dedicated to providing our customers with the ability to assure their digital infrastructure.

BJSS

BJSS

BJSS is an award-winning technology and engineering consultancy for business.

Driven Technologies

Driven Technologies

Driven is a cloud native service provider transforming the way companies leverage technology to improve business by securing, modernizing, and connecting applications, users, and data.

CoinCover

CoinCover

Blockchain technology is changing everything. However, it brings its own set of unique risks. Coincover ensures everyone is protected, enabling them to innovate freely, without constraints.

Ryan Financial Lines

Ryan Financial Lines

Ryan Financial Lines Cyber provides risk transfer solutions for complex cyber and technology exposures, globally.

Dream

Dream

Dream is developing an AI platform that enables cyber resilience and protects nations from hostile nation-states cyber attacks.