Internet of Things Is The Next Big Security Risk

Uploaded on 2017-04-07 in TECHNOLOGY-Key Areas-Internet of Things, TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

The Internet of Things (IoT) has been the target of many recent high profile cyber-attacks, but the full scale of its vulnerability is yet to be seen.

Rick Conklin, vice president of engineering at Dispersive Networks, writing for the Entrepreneur, argues that attacks like that inflicted on Twitter in late 2016, which was caused by a surge of bots on hijacked unsecured IoT devices, are only set to become more commonplace.

According to Juniper Research, whose recently published report titled Internet of Things for Security Providers: Opportunities, Strategies, & Market Leaders 2016-2021 examined consumer and corporate IoT usage, the number of installed IoT devices for consumers alone will surpass over 15 billion units by 2021.

In another study, this time conducted by HP, it was found that some 70% of IoT devices are currently vulnerable to attack. When considered alongside how many unprotected devices will soon be online and susceptible, Conklin believes that the security risk posed is "beyond anything we've currently seen in the realm of cybersecurity".

However, he notes that much of this insecurity is down to bad security habits rather than sophisticated software or hackers. These include the use of pre-set passwords and default usernames.

Perhaps most significant is the threat posed to the healthcare system. Action Fraud issued a report on 17 February warning of the latest scam, this time coming in the form of a fake tax rebate. This is not the first time the NHS has been attacked.

Earlier in January, an investigation by National Health Executive (NHE) revealed that cyber-attacks on the NHS had more than quadrupled in the past four years.

Nor is it a uniquely British problem, as a report by the European Union Agency for Network and Internet Security (ENISA) last year uncovered an alarming trend across the EU of ransomware targeting MRI machines, CT scanners and even dialysis pumps.

The cyber security agency commented: "The need for improved, and even remote, patient care drives hospitals to transform by adapting smart solutions, ignoring sometimes the emerging security and safety issues. Nothing comes without a price: hospitals are the next target for cyber-attacks."

While these attacks were targeting data, a large-scale attack may put lives in danger if vital machinery is shut down.

Conklin suggests that hospitals "adopt improved security practices such as: password management, policies to ensure all devices are up to date/passwords get changed, network segmentation, software-defined network overlays with security built in and improved data management policies. Vital to ensuring that these practices get used successfully will be administrators that make them part of the hospital's workplace culture."

MisCo:

Internet of Insecure Things:

Internet of Things will drive the Digital Revolution of Industry:

 

« Technology Will Demolish Slow Internet Speeds
Warning Over Russia's Cyber Warfare Methods »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

Egnyte

Egnyte

Egnyte delivers secure content collaboration, compliant data protection and simple infrastructure modernization; all through a single SaaS solution.

TOAE Security

TOAE Security

TOAE Security is a trusted cyber security consulting partner helping today's leading organizations protect their most important assets from evolving cyber threats.

Global Lifecycle Solutions EMEA (Global EMEA)

Global Lifecycle Solutions EMEA (Global EMEA)

Global EMEA provides full lifecycle services to corporate Clients covering procurement, configuration, support, maintenance and end-of-life asset management.

MythX

MythX

MythX is the premier security analysis service for Ethereum smart contracts.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

CyberCX

CyberCX

CyberCX provides services from strategic consulting, security testing and training to world-class managed services and engineering solutions.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

Zemana

Zemana

Zemana provides innovative cyber-security solutions to deal with complex malicious software and other cyber threats.

Hexens

Hexens

Hexens introduces a whole new approach to cybersecurity solutions. Indisputable skills and a unique super-focused perspective on every single case are the values we create.

CYBRI

CYBRI

CYBRI is a cybersecurity company helping businesses detect and remediate mission-critical vulnerabilities before they get exploited by hackers.

Eclypses

Eclypses

Eclypses has a disrupting cyber technology, offering organizations an advanced data security solution called MicroToken Exchange (MTE).

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.