Advertisement

Srinivasan C.R.

Srinivasan C.R. is Senior Vice President, Global Product Management & Data Centre Services at Tata Communications

More From The Author >>

Security for the Internet of Threats

Another problematic insecurity is the network that IoT data travels over. In addition to vulnerabilities in the device, malicious elements can reach your system through insecure networks. However, as technology progresses rapidly, end-to-end security is not keeping pace.

It may come as a surprise to some that, at this moment in time there are probably more ‘things’ connected to the Internet than people. In 2016 there were an estimated 6.4 billion connected devices in use worldwide – a figure that is projected to hit 20.8 billion by 2020. What’s more, as users we’re more connected than ever, with figures showing that the average internet user today owns 3.64[1] devices, uses 26.7[2] apps, and has an online presence on seven[3] different platforms. 

While this ubiquitous global connectivity enabled by the Internet of Things (IoT) opens great possibilities for personal and organisational growth, it also exposes us to security vulnerabilities that can cause financial loss, endanger personal and public safety, and cause varying degrees of damage to business and reputation. Anything that is connected to the Internet is a potential attack surface for cybercriminals.

A new landscape for hackers 

IoT brings with it a host of new possibilities, from smart city advancements to transforming how industries produce goods. The Industrial Internet of Things (IIoT) has seen significant advancement in recent years. For example, by connecting assets in a factory organisations can have better insight into the health of their machinery and predict any major problems with their hardware before it happens – allowing them to stay one step ahead of their systems and keep costly outages to a minimum.

However, in the rush to connect every ‘thing’ in sight, from lampposts, to factory machinery, to the wearable fitness monitor on your wrist, security has ranked low down on the priority list. Despite most manufacturers taking steps to build-in security, it doesn’t count for much if the end-user implementing the technology doesn’t properly configure the devices. What’s even more disconcerting is a recent study that suggests that 70 percent of all IoT devices have serious vulnerabilities.[4]

For example, an organisation may roll out a series of sensors across their factories, but fail to set up passwords. Those same sensors are subsequently left vulnerable to be used for malicious functions they were never designed for.

Security is also a concern for governments who are investing in smart city infrastructure. IoT has the potential to create a wealth of new services and improve existing public services. Without adequate security, however, innocuous items that generally pose no threat can be transformed into something far more sinister. For example, traffic lights that tell cars and pedestrians to go at the same time, or changing tracks to put a commuter train on the wrong course. A real life example of this kind of disruption came to light in late 2016, when San Francisco’s public transit system was hacked – forcing the city to allow commuters to travel for free, and causing wide-spread disruption across the city.

The insecurity of things

Another problematic insecurity is the network that IoT data travels over. In addition to vulnerabilities in the device, malicious elements can reach your system through insecure networks. However, as technology progresses rapidly, end-to-end security is not keeping pace.

What’s worse is that this is a sin that has been committed in the past. Specifically, when the initial worldwide Internet infrastructure was being built from 1990 to 2005. During this period security was an afterthought, and that enabled early hackers to grow and disrupt.

With this in mind, it’s important that organisations take time to pause and think about how they can work together to create an end-to-end infrastructure that can deal with the influx of new devices.  

Know your enemy

As with any defense, the first step is to be aware of the threats and arm yourselves with the appropriate tools to minimise the risk of falling into those traps. There are many effective methods of preventative and reactive security, but each approach will differ depending on the devices in your ecosystem.

An overall understanding of the end-to-end journey of your data, and the threats it faces at each leg of the journey will be beneficial, and organisations who work with partners to create a secure network for their devices will be rewarded in the long run. Unfortunately, there’s no ‘one-size-fits-all’ approach to securing the IoT infrastructure, and it will take a considered, group effort to ensure this beneficial technology evolves in a secure, and effective way.   

[1] Global Web Index – Digital Consumers Devices

[2] Nielsen – So Many Apps, So Much More Time

[3] Global Web Index – Internet Users and Social Accounts

[4] HP Study Reveals 70 Percent of Internet of Things Devices Vulnerable to Attack

Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house


Tags assigned to this article:
security internet of threats

Around The World

Advertisement