10. 3. 2021

Internet of Things helping and threatening

IoT je Internet of things alebo po našom Internet vecí. Čo si však za tým môžeme naozaj predstaviť, čo to vôbec znamená?

To put it bluntly, it is an emerging Internet-based technical architecture that facilitates the exchange of information and services on a global scale. In other words, The Internet is no longer a matter of computers. Today, smart refrigerators, lighting, heating, televisions, voice assistants in households, cars, printers and even a home coffee machine are connected to the network. And we could continue naming others indefinitely. In 2020, an estimated 25 billion devices were connected in the world. And the real boom of IoT is far from over. So the Internet of Things includes any similar device that is connected to the Internet with its own address.

When did the concept of the Internet of Things appear?

How would you explain it simply? The term Internet of Things was first used in 1999 by Kevin Ashton, who worked in the field of network RFID (radio frequency identification) and emerging scanning technologies. IoT appeared around the years 2008-2009 and since then the trend of connecting things / devices of everyday use to the Internet has been rising. We call them “smart” devices, they contain software, sensors, electronics and a network connection to the Internet so that they can communicate with other devices.

Much has changed since 2008, the growth of intelligent devices is unsustainable, but IoT has brought with it a number of not only positive aspects …

Today’s IoT boom is leading to a smarter and more interconnected world. However, it does not come without risks. Cyber ​​security, as IoT is significantly affecting, is one of the most important factors. Internet of Things solutions provide interesting and valuable data to individuals and businesses. Although their benefits are undeniable, they are vulnerable to cyber attacks (IoT devices are “not very secure” by nature). In the first half of 2019 alone, Kaspersky detected 105 million attacks on IoT endpoints. Although security remains a major concern for IoT solutions, recent research shows that up to 90 percent of consumers do not trust the safety of IoT devices.

What are the trends in the development of IoT and what will the future bring?

IoT trends in 2021 will focus on basic human needs, households, offices, as well as health and safety and its monitoring.

Connected IoT devices will become ubiquitous. Due to the pandemic and the limited mobility of the population, the possibilities and benefits of remote monitoring have become much more widespread, and those who have never activated remote connections before are now making intensive use of these possibilities. The massive wave of IoT deployment is in
in full swing, but efforts to secure these facilities have only recently begun.

According to the latest estimates from Omdia web (the IoT device market tracker), the global installed IoT base is expected to grow from today’s 25 billion to 45 billion in 2025. With this number of devices, the scale of cyber threats will increase proportionally. Many companies are eager to make progress on Internet of Things initiatives.

Can the current form of the Internet cope with such an enormous increase in connected devices?

Just as the new IP address protocol had to be introduced from the historic IP4 to the new IP6 due to their depletion, technologies are changing to connect a large number of devices carrying unimaginable amounts of data – we had 2G, 3G, 4G and today the 5G network resonates everywhere. Indeed, the introduction of 5G technology will revolutionize the IoT market by unlocking its potential through more bandwidth, lower latency, increased capacity, reduced costs and many other benefits. While this will expand facility management capabilities from thousands to millions, weak security practices will exponentially increase the threat. So we can expect the increasing frequency, sophistication and complexity of cyber attacks targeting IoT.

We must not forget the use of automation, artificial intelligence (AI) and machine learning. AI systems are better at performing many elements of the Internet of Things threats than humans, such as repetitive tasks, interactive responses, and the processing of very large data sets. In 2020, large global organizations saw an increase in IoT-based cyber attacks, including large Distributed Denial of Service (DDoS) attacks. The growing deployment of IoT has expanded the potential for attack, and almost every industrial sector is vulnerable to various cyber threats.

Is ensuring the safety of IoT devices such a problem?

When deploying systems in any environment, companies traditionally have three alternatives. Systems can be either fast, secure, or inexpensive. So reality often forces organizations to choose only two. The “loser” usually is safety, while cost and convenience remain.

But we also have the other side of the coin – a regular user who uses several connected devices a day at work and dozens more at home, only one weakness is enough for an attacker to attack them all. In 2020, the Open Web Application Security Project (OWASP) identified the top ten IoT security vulnerabilities, with weak, easy-to-guess passwords at the top of the list. In the next place, there was insufficient update, which can lead to devices running on the old vulnerable firmware, even if new secure updates are available.

What can happen when someone “hacks” my coffee machine or a refrigerator? Why is there such a stir around IoT security?

It is important to realize what I have already mentioned that devices such as a coffee machine or refrigerator are never alone in a corporate or home network. They can serve as a gateway to other devices and to the entire network. Therefore, it is ideal to zone your network, and to connect things to individual zones according to importance or vulnerability. Simply put, these zones or subnets behave as separate units and do not see each other, therefore if an attack occurs e.g. to said coffee machine in one zone, another zone where we have sensitive data or workstations, is relatively safe.

But even “hacking” individual devices can be annoying and bring us financial harm or information leakage. I will mention a few – the printer can start printing in full color and will stop when the paper runs out, the coffee machine can prepare cappuccino all night in the office, the intelligent charger will release more volts and amps into the connected device, which will completely destroy it, voice assistant will listen to our conversation , the camera on the TV becomes a hidden window into our home, the car stops listening to us in the worst traffic situation and reports an engine error, during our vacation the alarm goes off at home and the cameras are used by thieves to check the situation. And just to laugh about, the possibility that our lawn will be watered non-stop.

But less funy are the “hacks” of devices that monitor the health of our loved ones, dose drugs, save lives in borderline situations.

And to conclude it all?

We need to realize that the more interconnected critical infrastructure is, the more interesting it is for criminals. While security is also becoming “smarter”, using artificial intelligence, including new technologies that promise to bring safer IoT, human dimension and common sense still remain important.

Cyber ​​Security Specialist, Aliter Technologies, a.s.


Preview of Nextech: Internet of Things helping and threatening
IoT je Internet of things alebo po našom Internet vecí. Čo si však za tým môžeme naozaj predstaviť, čo to vôbec znamená?