Story image

Here's why you need to be aware of the internet of things

03 Nov 15

The rise of the internet of things is bringing new an exponential increase in security threats for both business and consumers as vulnerabilities in IoT devices are exploited.

Security vendor F-Secure says the proliferation of connected devices opens up innumerable security vulnerabilities that many people are unaware of.

Gartner has predicted that 4.9 billion connected things will be in use this year. With the global population at around 7.3 billion, this equates to more than one connected device for every two people on the planet – and it’s a number that is expected to increase exponentially.

Jonathan Banks, F-Secure ANZ director of operations, notes that connected devices are all around us – home heating systems, refrigerators, and smart televisions.

“They are beginning to affect every facet of our lives and make things easier and more convenient,” he says.

“However, the rise of the IoT also presents an exponential rise in security threats to businesses and individuals, as vulnerabilities in IoT devices are increasingly exploited by malicious cyber criminals.”

F-Secure says there are three reasons to pay close attention to the rise of the IoT and be aware of the potential threats that the connected devices present:

Threats are increasing The Australian Securities and Investments Commission issues a report earlier this year, noting that malicious cyber attacks on IoT devices are on the rise.

Meanwhile, an HP internet of things research study last year showed that 70% of the most 10 commonly-used connected devices contain serious vulnerabilities.

PricewaterhouseCoopers says the internet-connected devices that make up the IoT are vulnerable to attack because they lack the fundamental security safeguards that larger and more powerful connected devices are equipped with as a matter of course.

Says Banks: “Using smartphones as a point of control exacerbates IoT cyber threat risks because they are often unsecured.

“Cambridge University research shows that around 87% of the billions of Android smartphones globally have been exposed to at least one of 11 critical vulnerabilities.”

Smart cities are emerging At the same time, smart cities, in which connected devices are heavily used, are on the agenda for government and private enterprises alike, with IoT technology becoming a central element in public and civil infrastructure.

Examples include combining network-connected sensing and metering infrastructure with the existing electricity network to improve the efficiency of the electricity sector.

“Clearly, incorporating connected devices into this kind of infrastructure opens up the potential for vulnerabilities that malicious attackers can use to compromise public facilities, putting people and infrastructure at risk,” Banks says.

IoT data is becoming a big business As free online applications such as Gmail and Facebook have become more popular, the idea that data can be used as a lucrative commodity has come to the fore. Now, with individuals around the world adopting connected devices, IoT data is increasingly being collected and commoditised.

Device manufacturers, digital solutions providers and telecommunications companies use IoT data as a revenue source, which presents yet another security concern. As this data becomes more widely used by different companies for different purposes, the greater the potential for a data breach becomes.

“With so much IoT-derived data going around, all it takes is one weak link in the data chain for malicious criminals to obtain personal or sensitive user information, so it is vital to be diligent and careful about where your data goes and how it is treated,” Banks says.

Commerce Commission report shows fibre is hot on the heels of copper
The report shows that as of 30 September 2018 there were 668,850 households and businesses connected to fibre, an increase of 45% from 2017.
Dr Ryan Ko steps down as head of Cybersecurity Researchers of Waikato
Dr Ko is off to Australia to become the University of Queensland’s UQ Cyber Security chair and director.
Businesses in APAC are ahead of the global digital transformation game
“And it’s more about people and culture - about change management - along with investing in the technology.”
HubSpot announces fund for 'customer first' startups
HubSpot is pouring US$30 million (NZ$40 million) into a new fund to support startups that demonstrate ‘customer first’ approach of not only growing bigger, but growing better.
Mac malware on WatchGuard’s top ten list for first time
The report is based on data from active WatchGuard Firebox unified threat management appliances and covers the major malware campaigns.
LearnCoach closes $1.5m seed round
The tutorials are designed for students who want to learn NCEA subjects but can’t make it to a physical classroom.
Bin 'em: Those bomb threat emails are complete hoaxes
A worldwide spate of spam emails claiming there is a bomb in the recipient’s building is almost certainly a hoax.
Marriott sets up call centres to answer questions on data breach
Marriott has released an update on the breach of the Starwood guest reservation data breach which affected 500 million guests.