IoT and Cyber Risk - How to keep your business safe
With the rise of smart TVs, smart homes and self-driving cars, the Internet of Things is gradually edging its way into our everyday lives. Business Insider predicted that there will be 24 billion Internet of Things devices in the world by 2020, as our homes, workplaces, transportation and cities become increasingly automated, connected and intelligent.
But along with the enormous benefits, the IoT also comes with plenty of risks. In a world that is already vulnerable to the threat of cyber-attacks and data breaches, more connected objects and devices means billions of new entry points for hackers. And in many cases, these devices are a much softer target than traditional computers.
Here's a few of the ways the IoT could leave us exposed:
They know all about you
IoT devices, whether that's a smart watch, home, or connected car, are constantly collecting data on your movements and habits as you go about your daily life. This is useful in one respect because the more the technology knows about you, the better it can respond to and work around your needs. But what if this data gets into the wrong hands? Best case scenario, it could be used by other businesses, to sell you their offers and services. Worse case, it could get into the hands of criminals, allowing them to steal your identity, or target your property or belongings based on what they know about you. IoT companies will need watertight data privacy and security to stop this from happening.
Devices could be hijacked for malicious purposes
In 2015, security researchers managed to hack into the computer systems of a Jeep, killing its transmission and causing the recall of 1.4m vehicles. So just imagine the possibilities when we're surrounded by hackable devices, in our homes, workplaces and everything in between. It could pave the way for covert surveillance, cars being hijacked, or security systems being compromised. Consumers and businesses need utmost confidence that this isn't going to happen.
In October last year, a massive DDOS (distributed denial of service) attack temporarily brought down some of the biggest websites in the world, including Netflix, Twitter and CNN. Hackers did it by attacking Dyn, which controls much of the internet's domain name system, using a zombie botnet of around 100,000 IoT devices. And this is one of the big risks of the IoT- not only are there now thousands of connected objects, but they usually have lower levels of security than more sophisticated computers. That means they can more easily be taken over and used for these kinds of attacks.
What can you do?
To avoid becoming a victim, or inadvertently helping to cause an attack elsewhere, IoT security should be taken as seriously as with any other computer or device. Here are some key ways you can shore up your defences:
Evaluate IoT devices carefully before buying
Many manufacturers still don't think it's worth building security into connected devices, while others are starting to become more sophisticated. So, make an educated choice and do your research before purchasing.
Change passwords on IoT devices
It's all too easy to stick with the default password when using a connected camera or coffee machine. But you should treat these devices like any other computer, choosing a unique password and changing it regularly. You can find out more about good password practice in our blog on five password tips for better SME security****.
Update software and patches regularly
As with computers, failing to install software updates and patches on IoT devices can leave them more vulnerable to attack. So, keep an eye out for new releases from the manufacturer and install them promptly. Avoid 'orphan' devices
To avoid giving hackers an easy backdoor into your systems, make sure you remove all the data from old IoT devices and disconnect them from your systems when you replace them. Also consider returning old electronics to the manufacturer, who is obliged to recycle them under the Waste Electrical and Electronic Equipment Directive (WEEE). Invest in a protective shield
Perimeter based security is unlikely to be enough if you have multiple IoT devices connected to your networks. Instead, consider investing in a cloud-based protective shield, which will stop any malware before it gets near your apps and devices. This kind of technology will also allow you to monitor all data traffic in real-time, enabling you to identify anything unusual as quickly as possible.
The IoT market is currently a bit like the Wild West – everybody wants to get a piece of the action. And while on one hand that means lots of fancy new gadgets to play with, it also means that many are being released without the right security in place. Businesses and individuals need to act now, to avoid giving a free pass to cyber criminals in the future.
To read more about the IoT, check out our blog on The Internet of Things: A Connected Future.
The 12 risks of Xmas: the full calendar
To provide you with a helpful reminder of the 12 biggest risks businesses face this season, we’ve gathered them into a handy calendar.
The 12 risks of Xmas: on the twelfth day of Xmas...
Alcohol is often referred to as a ‘social lubricant’ but when people lose inhibitions, it’s easier than ever to text, tweet or post something one shouldn’t.
The 12 risks of Xmas: on the eleventh day of Xmas...
Bullying in the workplace is unfortunately still widespread, and Christmas parties can be a big pressure point, especially given how easily and quickly they can be shared today.