The vastness of Internet of Things (IoT) is giving birth to security concerns in newer ways. Cybersecurity experts often term IoT security as “ticking time bomb,” which gives an ominous premonition of “security apocalypse.” Let us see what is really at risk as we move towards a scenario when we will sit amidst 20.4 billion connected devices by 2020.
IoT vulnerability
Firstly, the reason behind IoT vulnerability should be figured out. The implementation of IoT software and hardware decides the conventional/ unconventional malware prevention strategies. People buying consumer products like kids’ toys, luxury cars or even medical apparatus like pacemakers are not aware to think of security issues. On larger aspects, critical infrastructure like electricity, electronics or irrigation and also defense are now connected. The digital criminals are also toiling hard to paralyze the advancements a nation can dream of.
The problems being theoretical, IoT malware has apparently infected almost 1 million organizations already. It includes ransomware attack, hacking healthcare devices, targeting manufacturing industry, and media which is already paying hefty prices to lead to myriad mayhem.
Major IoT security hurdles
Among many, some of the bigger IoT-related security problems are:
- Mirai: Lately, Mirai botnet has brought down part of the internet by exploiting factory default and passwords
- DDoS attacks (2016): The utilities surrounded by a jewelry store running on CCTV devices were hacked
- DDoS attacks on security journalist site: The hackers generated 660 Gbps of traffic with the help of 5,00,000 internet-connected cameras, causing the company Akamai to let go when it became impossible to hold the amount of traffic
- Persirai botnet: More than 1,00,000 IP-connected cameras were attacked, giving the hackers access to the cameras’ internet feed
Despite these, many organizations still think IoT security is a future worry and thus don’t do any R&D on its security measures.
Boosting IoT security
It is never too late for the companies to take initiative on mitigation of IoT-related risks. Building devices based on security-inflicted platforms can secure the operating systems a bit. In addition, IoT architecture supports patching of software at a different scale.
It is necessary to ensure that IoT devices have a workflow that changes default passwords. The buyers of connected devices subscribe to security services and act on all threat reports as per circumstances. When IoT exploits are turning into reality, it’s crucial that IoT users apply patches to lessen the danger of-of zero-day threats. It is almost like being aware of a problem but not doing anything about it. As a result, the organizations would never be in a safer vicious circle.