Article

Kristofer Mansson
Kristofer Mansson 27 March 2018

Three Pressing Cyber Threats for IoT in 2018

Every year we see new pressing cyber threats, from new targets for hackers to new issues cropping up in the cybersecurity space. 2018 will be no different. One area that has recently got a lot of attention is IoT devices, as the use of such devices has increased in both the public and private sectors. Here at Silobreaker, we are keen to highlight three pressing cyber threats to IoT devices that we believe enterprises need to be aware of:

Every year we see new pressing cyber threats, from new targets for hackers to new issues cropping up in the cybersecurity space. 2018 will be no different. One area that has recently got a lot of attention is IoT devices, as the use of such devices has increased in both the public and private sectors. Here at Silobreaker, we are keen to highlight three pressing cyber threats to IoT devices that we believe enterprises need to be aware of:

Industrial Take-Downs

By 2020 it is expected that 25% of cyber-attacks will target IoT devices, many of which will be deployed in industrial environments. Infection and covert usage of IoT devices to mine cryptocurrencies or conduct DDoS attacks is a trend that isn’t slowing down, and one that is especially problematic in the industrial space because Industrial IoT devices tend to be both poorly secured and difficult to patch, especially across a distributed environment such as manufacturing.

It’s true that Mirai, and variants such as Okiru and Satori, pose a major risk to manufacturing, where the reduction of a connected device’s processing power can seriously impact safety or disrupt processes. But there is also the potential for untargeted, collateral damage in this space. The prospect of motivated attackers leveraging destructive malware such as BrickerBot to wipe devices is highly concerning, but such ‘attacks’ need not even be targeted to cause damage. A wormable exploit such as the one used by WannaCry could cause widespread infection of industrial IoT devices –  to devastating effect – quite regardless of the original intentions of the attacker. We expect to see a major event of this kind take place in 2018.

Bringing in the Professionals

Another pressing threat for 2018 is a dearth of skills and resources. Humans are still the weakest link in the security chain, but hiring and training people who can understand and respond to issues in the threat space is only becoming more difficult. Demand is rising much faster than supply, with 3.5 million unfilled positions in the cyber security field expected by 2021. At the same time, the eternal catch-up game played between criminals and analysts continues, with threats becoming more sophisticated and widespread every day.

As we further integrate IoT technology into our lives and into sectors such as manufacturing and critical infrastructure, this problem is not going to go away – it is going to get worse. The skills we need to protect ourselves: analysing information, separating intelligence from noise, and understanding the motivations of threat actors, are in short supply. They need to be cultivated. And to some extent this is happening; we’re simply not doing it fast enough. If this skills gap widens too fast, and too quickly, it won’t matter how much companies are willing to pay to fill these vital positions; we will all become victims.

To mitigate this issue, we need to put more effort than ever into hiring, training and retaining the next generation of cyber security experts. Information security is increasingly being viewed as more than an IT-only problem, which is a big step, but budgets don’t always scale with intentions. Yes, working to improve the “cyber hygiene” of employees is important, but no organisation is unbreachable. And we need many more skilled people if we want to be prepared for when the worst happens.

The Most Tantalising Treasure is Data

Theft and manipulation of personal information from IoT devices is a growing concern for 2018. With IoT machines becoming ever more popular with consumers, we need to come to terms with the idea that our personal information is more at risk than ever. Devices such as Amazon’s Echo and other virtual assistants allow us to (often unwittingly) sacrifice convenience for security – as we learned when a researcher used malware to stream audio to a remote server. Or when a Bluetooth vulnerability rendered Echo, Google Home and billions of other devices vulnerable to hijacking. We don’t know all the potential methods by which our personal information - what we say and do in our own homes - can be used against us, because having one’s personal life potentially exposed in this way is brand new. Identity theft and the resale of shopping habits are all perfectly possible, but this data can also enable crime in the physical world. If you’ve suddenly stopped ordering your weekly groceries, maybe there’s nobody at home? Assuming such information can be accessed, it will certainly be sold.

Mitigating data theft from devices like Echo is both a manufacturer issue and a consumer one. The more these devices are sold and used, the more attractive targeting them becomes for criminals. At the same time, the longer consumers wait before purchasing, the more tried and tested (and secure) this technology becomes. Purchasing from quality vendors will also reduce the risk of security ‘oversights’ and make sure that vulnerabilities are patched. Fundamentally, it also comes back to the very personal question of convenience versus security; to what extent are the risks worth the rewards? Caveat emptor.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of...

Salman Sharif
Salman Sharif 7 July 2017
Read more
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Collection Of The Best Email Testing Tools Online

Collection Of The Best Email Testing Tools Online

Don’t be afraid of email testing. There are many free or freemium tools online that can help you with testing your SPAM score, deliverability and even the rendering of your email. We feature 30 email testing tools in...

Roland Pokornyik
Roland Pokornyik 31 October 2016
Read more
4 Important Digital Marketing Channels You Should Know About

4 Important Digital Marketing Channels You Should Know About

It goes without saying that a company can't do without digital marketing in today's world.

Digital Doughnut Contributor
Digital Doughnut Contributor 5 November 2014
Read more