Internet of Things Growth Presents New Threats for Businesses
The Internet of Things is increasing as more connected objects come online. Learn what this growth means for security and how to keep your company safe.
The Internet of Things (IoT) is a remarkably rich opportunity for companies to use connected objects to collect, share, and use data. However, as the IoT grows, so too does the risk of inadvertent or malicious attacks using the IoT as the way to damage networks and systems.
A recent Gartner report noted that in 2020, the number of IoT endpoints in enterprise and automotive industries alone is projected to hit 5.8 billion, a 21 percent increase over 2019. The growth is primarily driven by more IoTs in use in utilities (such as smart electricity meters for residential and commercial use) and physical security (such as surveillance and intruder detection devices).
What Are the Risks to IoT Security?
The Domain Name System (DNS) is increasingly vulnerable due to the growth of the IoT. For example, more IoT devices are IP-enabled, using the DNS to find services they need to complete various functions. While DNS can provide data and functionality that deliver stability, transparency, and security to IoT networks, allowing for better interactions and business results, there’s a flip side.
But if botnets gain control of IoTs, widespread distributed denial-of-service DDoS attacks could become the norm. Once connected IoT networks are infected, the scale of DDoS attacks could grow into the hundreds of thousands to millions in a matter of hours.
That’s one scenario borne out of a recent report by the Internet Corporation for Assigned Names and Numbers (ICANN)’s Security and Stability Advisory Committee.
Impacts could also be felt due to unintentional errors. For example, the ICANN report notes, a software update could ask IoT devices to ping DNS resources more frequently. The increase in requests for information could mean more strain on DNS solutions. Again, imagining the scale of these threats is challenging to believe, as manufacturers create more devices that rely on DNS resources.
Another challenge relates to the lack of best practices regarding authentication for IoT devices. One recent article notes there are more than 80 known authentication methods for IoT devices.
The risk could have serious implications, even life-threatening, as IoT devices are often used to interact with humans.
“The explosion in connected devices has led to a security nightmare for many businesses and providers, as the companies cope with securing a network that no longer connects just workstations, servers, laptops, and smartphones, but also a growing variety of devices such as printers, door locks, lights, and vehicles,” the article states.
What Are the Challenges to IoT Security?
A recent Forrester survey and report notes some of the IoT challenges facing security professionals in 2020:
- Enterprise security professionals do not have a deep understanding of risks related to IoT
- Existing commercial and in-house security tools are not enough to address IoT and unmanaged devices
- Existing security frameworks, such as those issued by the U.S. National Institute of Standards and Technology (NIST) and the Center for Internet Security (CIS), are not being followed effectively
- Security budgets for IoT are not keeping up with the rate of growth
Corporate security experts Forester surveyed reported a significant lack of confidence and resources to address these issues. Among the key findings:
- 74 percent believe current security controls and practices are inadequate
- 67 percent have experienced a security incident related to IoT or unmanaged devices
- 68 percent feel they do not have an adequate budget to secure said devices
What Can Businesses Do to Keep IoT Devices Secure?
Executives looking to prepare better for the growth of IoT devices in use and threats posed by those networks should consider the following:
- Develop systems that protect businesses that use smart objects and tools
- Identify patterns of behavior and block continued behaviors that cause disruption
- Use solutions that protect against malware and ransomware attack, both of which are ideal vectors for hackers looking to exploit always-on devices
- Use network segmentation to contain attacks
- Identify risks and develop solutions for your business’ threat landscape
- Partner with device manufacturers
Alliance Technology Partners helps businesses with cybersecurity solutions designed to protect devices, objects, and users. Learn more about our comprehensive cybersecurity platform by contacting us today.