How Much of a Security Threat does IoT Pose?

Internet of Things concept/ Photo By TierneyMJ via Shutterstock

 

Discussions about the Internet of Things are no longer what they were a few years back. Less than five years ago, scientists and engineers of technology addressed the possibility of connecting regular home devices to the internet with eagerness. Admittedly, the idea of your fridge being able to alert you when your milk has run out, or your shower automatically turning itself on when you get to the house seemed like an efficient way of implementing a “smart home”. Soon as the actualization of this dream began, however, there have been major issues popping up from users, both at home and corporate levels.

Security tops the list of concerns when it comes to IoT. Initially, they were not considered a security threat to users because they were set up to function separately from other users' gadgets. In time, however, the need for synchronization emerged, coupled with the adaptation of smart appliances in corporate levels. User data had to be synchronized with hand-held devices and machines in corporate buildings were connected to office networks. Eventually, basic appliances became connected to larger systems and networks without proper security protocols in place to protect the people using them. These changes are what brought about many security threats in the world of IoT as discussed below.

A New Kind of Ransomware

Ransomware attacks are not news in the cybersecurity world, but with IoT, things are a little different. Initial ransomware attacks were focused on blocking users out of services, personal or corporate information which usually contained sensitive data. Attackers are smart enough to know, however, that ventilation and lighting systems are not used for storage purposes. The approach of these attacks towards IoT was directed towards denying users access to the devices and machines completely. These attacks may seem harmless, but when initiated on a larger scale, may lead to devastating consequences. For instance, if a ventilation system within a hospital or an underground facility was compromised, the result could be devastating. Storage facilities which keep frozen foods could have cold rooms shut down, leading to huge incurred losses from rotting of products.

Lack of Logging Systems

IoT systems are not programmed to be like computers which are constantly gathering activity logs. These are machines which have been digitized to a minimal level to simply enhance the living and working conditions of the people using them. The lack of mechanisms to track user activity or detect anomalies within the network gives hackers an ideal platform to embed malware within the company network and go undetected for long periods of time. Colin Tankard, MD Digital Pathways notes that IoT systems are not intelligent beyond their designated scope of functionality and lack any mechanisms to enforce security within the networks that they operate.

Long Lasting Systems

Unlike other electrical components such as computers and mobile phones, IoT systems are long lasting. They are built to be physically robust because they are sometimes tedious to transport and install. These systems are also very expensive to purchase and operate. Network-connected machinery lasts even longer than regular machinery and if the systems are installed without proper security enforcement protocols put in place, they become a potential security threat at homes, in offices, and in industries. With end-of-life periods reaching 10 to 15 years, a company faces great security risks if there are no proper mechanisms to protect their networks. Furthermore, new machinery continues to be developed during the long lifespans, which leads to a decline in the quality of services offered for support systems.

 

Duo tone graphic of Internet of Things concept / Photo By Chombosan via Shutterstock

 

General Neglect

Perhaps the core of all the security problems being witnessed within the IoT realm is the fact that security itself was an afterthought of development. The rush and excitement to connect everything to the internet blinded both developers and investors to the potential risks that may accompany such an arrangement. The focus was creating technology that was exciting and that would sell quickly to the public while neglecting the factors that would undermine later production and distribution of these systems.

The internet of things was and still is an exemplary achievement in the technological age which we live in. However, there have been many factors which have prevented the public from embracing the technology as smoothly as was expected one; the greatest one being security. The implications of unsecured machinery connected to networks both inside and outside our homes have proven to be potentially disastrous if they are not addressed. Moving forward, investors and developers must opt to place security as one of the most important requirements in the development and testing of machinery, because it is. Consumers must also educate themselves on the dangers that lurk within smart appliances and must actively participate in ensuring their own security.