For the Internet of Things (IoT) to succeed there must be an increase in security measures. In January of 2017, the US Department of Homeland Security warned of a flaw that could allow a hacker to remotely access a heart defibrillator or pacemaker. The vulnerability was found in the transmitter that transferred data to the physician from the implanted device. This flaw allowed a hacker to rapidly deplete the battery, alter pacing, or shock a person’s heart.

The Dark Side of Connectivity

The IoT future looks to connect our homes, transportation, workplace, and healthcare. The concern is that a connected world makes for a higher risk of cyberattacks. The majority of IoT devices were not developed with security in mind, which makes them especially vulnerable and easy to breach.

An example of an attack on the IoT is the Mirai malware. This malware scans the web for IP addresses of IoT devices. Because many of these devices use a default username or password, Mirai is able to log in and infect the devices. The recent distributed denial of service (DDoS) attack in October of 2016, affected Reddit, Twitter, Github, Netflix, and Airbnb among many other websites. Surveillance cameras, routers, DVRs, and other IoT devices were hacked and then used to coordinate attacks on websites and hosting providers.

To prevent another DDoS attack IoT cybersecurity protocols and programs must be fortified.  By 2020 more than 25 percent of identified attacks in enterprises will involve IoT according to a recent Gartner prediction. The areas that IoT organizations can begin to strengthen their cybersecurity include analytics,  API, network, and encryption.

IoT Security Analytics

Combining data quality, big data management, predictive analytics, and machine learning your organization gains the situational awareness necessary to search for unknown users on the network and discover unauthorized communications. Security analytics are required to detect IoT specific attacks that would not be caught using traditional security solutions like firewalls.

API Security

A documented REST-based API enables an organization to authenticate and authorize data transfer between devices, systems, and applications. This is essential to maintaining secure transit of data between authorized devices. This tool may also assist in detecting potential threats and attacks.

IoT Secure Network

The requirements of an IoT network make it difficult to create a secure system. This secure network encompasses devices, back-end systems and their connection to the internet. The expansive network involves communication protocols, standards, and device capabilities which create a complexity that requires unique capabilities. An IoT secure network will include: antivirus, antimalware, firewalls, intrusion prevention, and detection systems.

Encrypted Data

Cryptographic algorithms must be used for data in transit and at rest, this prevents data sniffing by hackers and maintains data integrity. This encrypted data must also be accompanied by the practice of full encryption  of key lifecycle management processes, as poor key management reduces security.

To adapt to evolving cyberattacks, you must continuously implement your cybersecurity protocols. You can prevent becoming the next IoT cyberattack victim by engaging the Crossroads Cybersecurity team using the form below.