The Internet of Things: Hackers Attack

By 2020 it is projected that the world will have over 24 billion IoT devices. When we discuss IoT, we mean all the devices that are accessed through the internet via IP addresses and that communicate with it. These devices can range anywhere from printers and copiers, to coffee makers, blenders, lighting and climate control systems.

This projected growth has a number of exciting benefits which will alter our way of life on a day to day basis. Looking past the “cool” factor of having a smart home, the benefits are actually there in terms of energy efficiency, cost, etc. However, in light of the high profile cyber-attacks carried out in the last few months, a lot of questions have risen, particularly in regards to the security gaps of the IoT and the future. What is there to do about it?

In October, Dyn, an internet infrastructure company was subject to a DDoS (distributed denial-of-service) attack which came in three waves. The attack made access to Twitter, Amazon, Netflix and many others impossible. Apparently, a piece of malware (Miraj) that searches the internet for IoT devices and gets them to attack websites was responsible for this particular attack.

Another very similar attack was released on KrebsOnSecurity (a security news site ironically). Roughly 145,000 IoT devices hijacked the website. As one can imagine, the attacks had a massive impact on the companies both cost-wise and functionality-wise.

Last year, Ukraine suffered the first blackout from a cyber-attack when a group of hackers took down a power grid. These targeted attacks on Ukraine and organisations such as Dyn and KrebsOnSecurity are getting average consumers worried about their own privacy as well. If a consumer’s life is so deeply enmeshed in technology, what, if anything will be off limits to hackers?

IT security professionals are requesting a development in regulations as the main issue with IoT devices is that manufacturers have been slow in implementing security. Due in part to wanting to maintain costs as low as possible, devices are equipped with basic software that doesn’t update itself, thus making it easy to hack into. With attacks happening smart devices that are up to current standards are being released more and more, however the majority can’t be integrated into software and hardware protections. This is due to new data traffic to the network that operates in different ways, making it hard for IT departments to protect themselves as there are a wide range of network protocols.

So, what are the main IoT security issues that the industry will need to overcome?

First of all, public perception should be the first thing addressed. A study by Icontrol State of the Smart Home study found that 44% of all Americans were “very concerned” about information being stolen from their smart home, while 27% were “somewhat concerned”. That level of concern is very high, making it an impediment in the expansion of IoT. If consumers are worried about their privacy and data then purchases of devices will not grow to projected levels.

Secondly, vulnerability to hacking needs to be addressed. Researchers from Microsoft and the University of Michigan were able to hack into real and current devices. When they took on Samsung’s SmartThings they found a wide range of holes in their security which were easily infiltrated.

And lastly, securing IoT devices is all well and good, but if companies don’t start securing the software and network connections that link with those devices then they leave themselves wide open.

The issue with securing IoT devices from all sides is that it will add more cost to the device. While a higher cost is a preferable option to the looming shadow of cyber attacks for companies, it is most likely not so for consumers. This needs to be addressed in the short term by raising awareness of the risks posed by unsecure IoT devices. However, most manufacturers will most likely not address this issue unless the demand for securely connected IoT devices increases. It’s a bit of a vicious cycle.

For the foreseeable future, the trend looks as though it will be getting worse, rather than better. There are so many different parties trying to figure out how to use the Internet as a weapon and while governments try to go against them and fight them, it’s likely that cyber attacks will see a rise in frequency and impact.

Are you looking for a new challenge in the Dynamics 365 or Salesforce space? Click here to view our live vacancies.