The changing landscape of the Internet of Things (IoT)

More use-cases and more devices mean more threats - also for businesses

Author: Philipp Rogmann
Date: 30.09.2015
Read Time: 5 Minutes

For a long time the Internet of Things (IoT) was not a business security topic at all. Business networks were constantly attacked in traditional ways and the attacks included mobile devices brought by employees (BYOD) as time progessed. At this point in time no experts can definitely say what implications the IoT will have, because we are pretty much at the beginning of the developments. A study done by Gartner implies that there will be 4.9 billion devices connected to each other by the end of 2015. This number will supposedly grow to 25 billion by 2020. And there are already a lot of business ideas to earn money with this new technological development. This leads to very heterogenous architectures that generate new threats.

What is the Internet of Things?

The Internet of Things (IoT) will be the bridge between the real and the virtual world by implementing devices that simplify and automate life itself. Main goal is to embed different devices in such a way that they are fully implemented and exist as silent support for all parts of daily life. In the long term all devices in the IoT should be self-sustainable and exchange information in a way that leaves very little need for support by human beings. Even today so called Wearables (devices like smart watches and wristbands) communicate with networks to process health information and positional data.

Because the devices on the IoT are so closely connected and embedded in human life, it is mandatory that security remains a top priority to ensure that personal data is not accessible to unauthorized people (using RFID chips for example). All of this will be achieved by a standardization of all architectures that are part of the IoT and should lead to an integration of every device with a microcontroller into the Internet of Things.

Vulnerable systems are on the rise

It is impossible to see the complete potential for threats that may evolve from more IoT devices, because no one can pinpoint the scope of threats and developers of devices for the Internet of Things do not primarily concern themselves with security. It is however mandatory to develop security solutions for heterogenous system architectures. It is already time to evaluate the manyfold risks and find solutions where possible. The problems that developers of such solutions face are: what kinds of devices will be used in what form and in which architecture and using which operating system? Closed structures like Apple’s iOS are – at least at first sight – the most secure for this.

Not only developers of operating systems and architectures, developers of applications for the Internet of Things, but also cybercriminals have started defining their goals. As mentioned before hackers and developers of cyberattacks are constantly on the hunt for the easiest targets and the IoT gives them a wide variety of new devices as targets. This is why security providers have started with their own research to be able to deliver and guarantee protection in the future.

Results are completely unclear

To achieve the most secure Internet of Things possible from the get-go there are quite a lot of factors that need to be kept in mind. Especially because no one knows what security breaches cybercriminals may find, basic principles on how devices communicate with each other need to be established. While no one would think of securing a refridgerator or thermostat, they can still be threats to the overall network if they are connected to other – possibly more important – devices.

There are countless examples that show that even seemingly unimportant nodes in a network can lead to security breaches. An example from the beginning of the Internet illustrates this well: While the NASA mainframe was protected well and only administrators were able to access sensible data, there were library nodes that were connected to the NASA mainframe. The library computers were publicly accessible without certified accounts. This helped clever hackers find a security hole: They used the library computers to log on as administrators for the local machines (the installed UNIX operating system still had the predefined passwords for administrator privileges). The mainframe inherited the user privileges from the remote library computers and suddenly the hackers gained administrative privileges on the mainframe.

Hacker Gary McKinnon used a very similar approch in 2001 and 2002. And those examples illustrate clearly: Each and every device needs to be protected to not become a possible entrypoint for security breaches.

What can be done?

Nowadays a SmartTV is used to deliver presentations in more and more companies worldwide, employees have their own tablets and smartphones. And the sheer amount of devices will only increase and not decrease as the aforementioned study by Gartner cleary shows. This makes it mandatory for every business to work with security providers that keep their fingers on the pulse of developments and research the implications the intelligent devices will bring. Additionally businesses need to decide for each device whether or not they absolutely must be part of the internal WiFi or can be put in a DMZ. IT professionals need to be on the lookout for developments and updates – be it for the network or for their own knowledge.

If you want to stay informed about the developments and how the Internet of Things changes our planet, subscribe to our newsletter. This guarantees you you never miss developments in this important area.

 


2 thoughts on “The changing landscape of the Internet of Things (IoT)


  1. IoT has taken the life of the users to a next level. IoT devices and wearables are trending and there are many products available in the market which make the life of the people more easier. Today everything has now become smart like smart cities, smart agriculture, smart home and you can find a plenty of smart products which will make you crazy.

    Like

Post Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s