The IoT’s Perplexing Security Problems

Worldwide spending on the Internet of Things will total nearly US$773 billion this year, IDC has predicted. The IoT will sustain a compound annual growth rate of 14.4 percent, and spending will hit $1.1 trillion by 2021, according to the firm’s forecast late last year. Consumer IoT spending will total $62 billion this year, making it the fourth largest industry segment, after manufacturing, transportation and utilities. The leading consumer use cases will be related to the smart home, including home automation, security and smart appliances, IDC said. Cross-industry IoT spending, which encompasses connected vehicles and smart buildings, will gobble up $92 billion this year, and will be among the top areas of spending for the next three years.
IoT growth will get a boost from new approaches coming from firms such as China’s Tuya Smart, for example, which combines hardware access, cloud services, and app development in a process that lets manufacturers transform standard products into smart products within one day. One third of companies in the U.S., the UK and Germany have more than 1,000 shadow IoT devices connected to their network on a typical day, according to a recent Infoblox survey of 1,000 IT directors across the U.S., the UK, Germany and the UAE.
The reported shadow IoT devices included the following:
Fitness trackers – 49 percent;
Digital assistants such as Amazon Alexa and Google Home – 47 percent;
Smart TVs – 46 percent;
Smart kitchen devices such as connected microwaves – 33 percent; and
Gaming consoles – 30 percent.
There were 1,570 identifiable Google Home assistants deployed on enterprise networks in the U.S. There were 2,350 identifiable smart TVs deployed on enterprise networks in Germany, and nearly 6,000 identifiable cameras deployed on UK enterprise networks. Shadow IoT devices are devices connected to the company network but not purchased or managed by the IT department. Companies need to pay attention to the deployment of IoT devices, which are regularly put online with default passwords, legacy code riddled with known vulnerabilities, and a lack of defined policies and procedures to monitor them, leaving companies extremely vulnerable.
Cybercriminals have been launching newer and more creative attacks on IoT devices, either to compromise them or to leverage them in botnets. The IoT’s healthcare component includes connected medical devices and consumer wearables such as smartwatches and fitness trackers.
Medical device manufacturers increasingly have been incorporating connectivity to the Internet, but 53 percent of healthcare providers and 43 percent of medical device manufacturers don’t test their medical devices for security. Few have taken significant steps to avoid being hacked. Google and Apple have been leading the charge of smart devices into the healthcare realm, with other companies, such as fitness device manufacturers, following suit.

You May Also Like