As an increasing number of companies aim for a comprehensive digital transformation, the need for greater connectivity and adoption of IoT is only matched by the proliferation of cybercriminals, both the masterminds and buyers of crime as a service, whose main objective is the exploitation of IoT devices, whose final objective is to attack the entire organization. IoT devices can be compromised to leak data, damage operations, deny service, or infiltrate the organization’s IT network.
Their ever-increasing numbers – current statistics range from 27.5 billion devices to 75 billion in just a few more years – means that secure communications and the adoption of IoT security solutions are crucial.
A recent survey revealed that an average of 61 percent of companies are using IoT to strengthen their operations. At the same time, 28 percent of companies experienced a cyberattack due to the use of IoT infrastructure, as threats on IoT devices tripled compared to the same period last year.
The data and findings are based on extensive research conducted in cooperation with Infiniti Research, a leading provider of market intelligence solutions for leading players in all industries.
As devices, networks, and uses of IoT are an evolving domain, organizations must keep abreast of developments in the ecosystem to take advantage of operational and cost benefits ahead of the competition.
Cybersecurity is a mainstay in enabling IoT deployment and, in many cases, an inhibitor of large-scale remote operations, if not taken into account at the design level. Both hardware and software must be protected.
For other IT networks and other connected devices such as laptops, servers, mobile phones, and others, security is often an afterthought, added to close security gaps on the fly.
However, the simplicity of IoT devices in terms of software and hardware, and the ability to share data on a large scale between applications and systems, are advantages that can bring down an organization.
We’ll look at some of the factors that make IoT device security a top concern and push the importance of addressing it.
- Increased dependence on IoT devices – The increasing reliance on IoT devices is due to their efficiency, ease of use, automation capabilities, and time- and money-saving features. Furthermore, the world of IoT opens up new business models for organizations, monetizing data as a service, product as a service, and process as a service. These new business models are supported by the digital transformation that has resulted in the need for greater connectivity and technologies, such as 5G, AI and machine learning, and the greater adoption of IoT, especially in communications, finance, hospitality and attention. Additionally, the global telecommunications industry relies on IoT adoption to monetize 4G and Accelerate 5G adoption to achieve business goals, while the automotive sector relies on IoT to advance vehicle operation and capabilities. connected.
- Increasing Incidence of Data Breaches – The proliferation of connected devices has created a security blind spot where cybercriminals can launch zero-day attacks to compromise devices such as webcams, smart TVs, routers, printers, and smart homes. The ramifications of such attacks range from inconvenience to day-to-day privacy to disastrous shutdowns. This doesn’t even consider brand damage, liability issues, and regulatory penalties. Remember the lawsuit filed in December 2019 against home security product provider Ring for reports of multiple hacking incidents on their security cameras? The good news is that this incident increased market awareness of the security of IoT devices and the demand for more effective security software.
A 2020 Thales Data Threat report indicated the following top IoT security concerns:
- Privacy violations related to data generated by IoT devices: 26 percent
- Attacks on IoT devices that can affect critical operations: 33 percent
- Loss or theft of IoT devices: 27 percent
- Lack of product updates provided by manufacturers. – To speed time to market, manufacturers spend less time testing and protecting their devices. The lack of IoT industry standardization also means that manufacturers have had to base scheduling protocols on the ecosystems of their hosts, losing synchronization between platforms, limiting developers’ ability to create a universal security protocol, and offering hackers across multiple platforms from which they can breach devices and steal data.
- Vulnerabilities built into the security of IoT devices – IoT vulnerabilities are wide and extensive thanks to default or hard-coded passwords and fewer manufacturer updates. Furthermore, the wide range of transmission technologies makes it difficult to follow standard protocols, resulting in unsecured networks with exposed and defenseless IoT devices.
There has also been an increase in the number of attacks on blockchain-based applications, where social engineering is used to extract usernames and passwords.
While some IoT device security companies are taking steps to identify threat intelligence data and combine it with endpoint security solutions to minimize vulnerabilities, they cannot offer complete security against hackers, as the technology requires regular testing, patching and updates.
Market trends pointing to an optimistic future
IoT security is being addressed with a variety of approaches and technologies.
- The growth of blockchain – This decentralized and distributed ledger-based technology enables the direct exchange of information between connected devices. It monitors the information collected by the sensors, without duplication, and allows the sensors to transfer data, eliminating the need for a trusted third party. For example, IBM introduced a new supply chain service based on its blockchain platform, which helps developers combine data in the distributed ledger with the help of an API. This enables end users to securely integrate data from IoT sensor systems into the hyperledger.
- Increased use of AI for IoT security – AI helps protect assets, reduce fraud, support analytics, and enable automated decision-making in IoT applications. Machine learning can be used to monitor incoming and outgoing traffic on IoT devices to create a profile that determines the normal behavior of the IoT ecosystem, helping to detect threats through unusual behavior patterns.Additionally, the use of artificial intelligence to collect data from smart homes and organizations, webcams, and other IoT devices helps provide data security and strengthen privacy, reducing the chances of cyberattacks. future office designs and detect suspicious activities. Aerospace and defense companies are combining IoT, AI, and cloud infrastructure to discover DoS or DDoS attacks.
- Taking a network-based approach to IoT security – IoT security is critical to all aspects of business and personal security. However, due to the volume of devices and the variety of manufacturers that can end up in the same environment, it is almost impossible to guarantee the highest level of security in each one. Therefore, protecting everything at the network level ensures that threats never have a chance to reach devices. In addition, if the manufacturers use virtual SIM cards, they can be easily updated with security applets from the network itself with a minimum of hassle.
There are a myriad of approaches to address cybersecurity gaps that exist in IoT deployments. As the market prepares for hypergrowth, we can expect to see a growing ecosystem of companies offering solutions for IoT cybersecurity, at the hardware, software, communications and network level.
We are already seeing cybersecurity companies broaden their offering to address the specifics of IoT, as well as leading device and software manufacturers taking a stance on security and aiming to integrate it into their products.
National bills and regulations, as recently passed in the United States and Australia, define basic guidelines, but do not provide organizations with the tools they need to comprehensively protect themselves.
Additionally, as in most cases, vendors are playing cat and mouse with threat actors, covering one point of entry and leaving others exposed. Organizations that methodologically adopt a security and network-based approach to their networks and IoT deployments have the advantage of scalability, flexibility, and device independence, increasing their security position in this threat landscape. constantly evolving.
The right approach to security will ensure that IoT devices make it easy for everyone except threat actors.
The full FirstPoint Mobile Guard-Infiniti Research report, which will include the size and trends of the IoT security market, will be available in mid-September on FirstPoint Mobile Guard.
Adam Weinberg, Founder and CTO of FirstPoint Mobile Guard (www.firstpoint-mg.com), applies its extensive executive R&D experience in communications intelligence and cyber technologies to shape FirstPoint solutions, which protect any SIM device, anywhere, against specific cellular network attacks, without applications and without intervention. of the user.
The IoT post – just not secure, but it may appear first in ReadWrite.