IoT Security

Internet of Things (IoT) Evolution: Where to From Here?

Graeme Messina
August 29, 2018 by
Graeme Messina

Introduction

IoT started as a niche market for hobbyists and has evolved into a huge industry. But with this growth comes security vulnerabilities and considerations that need to be understood by industry players if the technology is to be harnessed effectively. Manufacturers, retailers and big businesses are all finding ways to leverage IoT platforms, combining the data that they collect with analytics and advanced reporting systems.

In order to successfully map where the IoT trends are headed, we need to see what the current moves are in the market for 2018 and what the most common applications for IoT devices are in different sectors. This approach will help us to understand what IoT adoption could mean for the businesses and enterprises of the future and how to keep their data and networks secure.

Learn IoT Security

Learn IoT Security

Learn how ethical hackers exploit the growing number of internet-connected devices and become a Certified IoT Security Practitioner.

What Is IoT?

IoT (Internet of Things) can be thought of as any device that is able to connect to the Internet and transmit data. Devices that can be considered as IoT devices are many: cars, CCTV cameras, kitchen appliances, access-control devices like biometric readers, thermostats and voice-activated assistants like Alexa and Google Home products.

Where IoT devices differ from traditional Internet-capable equipment like laptops, computers and smartphones is that they generally have a very limited user interface and are considered to be more of an instrument that is used to measure and relay data rather than serve as a direct interface to the Internet. The data that is produced by these IoT devices can be accessed with ease from anywhere in the world, provided they are connected to the Internet.

The total number of IoT devices that are currently active and online is already massive. And it continues to grow at a rapid rate, with some estimates pointing to some serious future growth in the short- to mid-term.

Growth

The first thing to take note of is that we are currently in the middle of an upward movement in IoT adoption and growth. Multiple industries are finding new and exciting ways to incorporate IoT into their IT infrastructure, and this shows no signs of slowing down in 2018.  

In fact, the North American growth projections for the period between 2017 to 2022 show a massive increase, effectively doubling from $90B in 2017 to an estimated $180B in 2022. (See Sources.) This is in the consumer electronics segment alone and does not consider other segments of the market, which show substantial growth.

A Gartner report states that we could be looking at global figures of over 20 billion IoT devices by 2020. This growth, coupled with the demands that these devices will place on the current infrastructure that supports the Internet, leads to some interesting problems that need to be faced in the coming years. Specifically, in the domain of Internet security.

IoT Benefits and Uses

IoT is one of those technologies that has an almost limitless potential to do almost anything that a developer can imagine. Industry is one area that has seen massive benefits from adopting IoT technologies. Expensive PLC modules that use old technologies and require proprietary software to read are being replaced by cheaper IoT devices that can perform similar functions with far greater connectivity options.

Manufacturing is another area that is seeing positive developments from adopting IoT technologies. In fact, all sectors are starting to invest more heavily in IoT, again according to Statista.

Manufacturers will be able to monitor and track products such as cars by using data collection from the IoT sensors in the vehicle. In the event of a manufacturing defect, they can leverage all of the manufacturing data about that specific vehicle, tracing the parts used on the vehicle through IoT systems in the factory and comparing the data to hundreds or thousands of other vehicles that were made in the same factory.

This scenario helps the manufacturer to not only assess a problem for their customers more quickly, but it also helps them to strengthen their own manufacturing procedures and ensure that they limit the likelihood of such events occurring in the future.

Agriculture is another sector that has seen excellent results from adopting IoT devices. Probes which monitor things like soil moisture, lighting conditions and humidity can, through the Internet, be accessed from anywhere in the world. Irrigation systems are also connected via IoT interfaces, allowing them to be switched on or off depending on the requirements of the crop.

Consumer-grade IoT devices have also started coming into their own, with central controllers that can monitor things in the home such as temperature, intrusion detection and power consumption. Homeowners can control the lighting in their home remotely via a smart device such as a phone or tablet or unlock the front door and monitor live video from their surveillance systems. These devices are very convenient and give users control over the most valuable assets while they are away.

IoT Security Concerns

Who can forget the Mirai botnet attack back in 2016, where hundreds of thousands of IoT devices were compromised? Seemingly innocuous devices such as webcams, DVRs and even certain brands of bathroom scales were vulnerable, allowing an estimated 550,000 of them to be used as part of DDOS attacks on DNS providers. This created connectivity havoc for regions across the United States, most notably on the East Coast.

Earlier this year, Avast reported that certain IoT devices could be hijacked to mine cryptocurrencies like Monero (an untraceable asset) for cybercriminals, essentially stealing electricity and Internet bandwidth from unwitting IoT device owners. This means that unprotected IoT devices have the potential to help fund cybercrime due to the open nature of the firmware that is found on many such products.

A lack of security standards, coupled with little to no update features on these devices, means that the potential exists for IoT devices to ship with security flaws that cannot be fixed by the manufacturer. This is a huge concern for the IT professionals that are tasked with maintaining the safety and security of an organization’s data systems. It’s just a matter of time before the next big IoT breach occurs, with potentially devastating consequences for both consumers and businesses.

The Future For IoT?

The good news is that there is a growing movement in the IoT developer community seeking address these security shortfalls. Events such as the Internet of Things Developers Conference seek to change the way that IoT products are developed. 2018’s event, to be held in October, is fittingly entitled “2018 IoT Devcon: IoT Device Security Summit.”

And it’s hardly all doom and gloom. IoT has the potential to support new and exciting products and industries with innovative and exciting applications, many of which we have not even seen yet.

IoT infrastructure generates massive amounts of data that needs to be processed in order for it to be useful to humans, and to do this, there will be more reliance placed on big data technologies such as machine learning and artificial intelligence networks. These neural networks will enable health care professionals, city planners, retail companies and almost any other industry imaginable to learn a great deal about the people that they serve and how they can better manage their needs.

Conclusion

IoT is an exciting technology that is helping people and businesses to monitor, manage and learn more about their environments. The rapid development and deployment of these systems has meant that security has sometimes taken a back seat to convenience: the demand for highly-interconnected devices is showing no signs of lessening, which means that if the security of these devices is not dealt with decisively, then the exposure that they potentially open consumers and businesses up to is immense.

Because of this, the way that IoT has been implemented in many organizations needs to be thoroughly reviewed. Some devices do not specify what data they collect or how it is sent over the Internet, which has privacy ramifications and the potential to cause security breaches and data leaks.  

IoT devices are still evolving, but they are here to stay. The offshoot of this is that as a security professional, you will need to learn about how the IoT platforms that are present within your organization can be managed effectively and safely, without compromising the safety and security of your company’s data.

The best way to keep yourself and your information safe is to stay up to date with all of the latest IoT trends. By using and understanding these systems, you will become intimately familiar with how they interact with your network and your company.

 

Sources

North America IoT market revenue by application 2012-2022, Statista

10 Charts That Will Challenge Your Perspective of IoT’s Growth, Forbes

Konzerne verbünden sich gegen Hacker, Faz.net

Learn IoT Security

Learn IoT Security

Learn how ethical hackers exploit the growing number of internet-connected devices and become a Certified IoT Security Practitioner.

15,000 internet-connected devices could be hacked to mine $1,000 of cryptocurrency in 4 days, CNBC

Graeme Messina
Graeme Messina

Graeme is an IT professional with a special interest in computer forensics and computer security. When not building networks and researching the latest developments in network security, he can be found writing technical articles and blog posts at InfoSec Resources and elsewhere.