Cybersecurity insights: the Internet of Things

Internet-connected appliances have created a smart hub of endless opportunities. But outside this hub, there’s always someone trying to peer inside…

 

How many smart devices do you have in your house? Most adults in the developed world are fortunate enough to own a smartphone, maybe two because of work. You might also have a laptop at home, but our houses are also becoming increasingly populated with smart speakers, TVs, fridges. You might be wearing a smart watch on your wrist as you read this.

All these internet-enabled devices make up what we call the Internet of Things (IoT). This is a network of devices, whereby sensory devices collect data on how they are used in the context of their surroundings, then send this info to the cloud, which stores and processes it before sending the data to the general devices in the network to make them ‘smarter’, in a cycle known as machine learning.  

IoT originates from the Carnegie Mellon University in the early 80s, where students connected a vending machine to the internet to gage its drinks’ temperature from their computer screens. Ever since, smart devices have been on the rise.

IoT Endpoint Market by Sector, 2018-20, Worldwide - Gartner

Corporate advantages of IoT
In that first instance, the technology enabled individuals to make smarter, more efficient decisions, and its benefits remain much the same today, both in a personal and professional setting. In a business context, IoT is most utilised in the utilities sector through office equipment that are used across all industries, as well as more trade-specific apparatus.

IoT also offers great benefits when used as part of an agile working environment – it can unlock more data about their internal systems and thus drive greater performance and revenue. Furthermore, it allows for the automation of certain tasks, which saves time and ultimately money. When combined these factors generate higher profit margins, which epitomises the advantages that IoT offers.

Security risks posed by IoT
Smart technology can make things run much smoother, but when appliances are collectively reliant on the internet, there are great security risks. Concerns regarding smart speakers like Amazon Echo or Google Nest and the extent to which they collect data have been widely publicised in recent years. If hackers gained access to your Gmail account, they could quite easily gain access to the information that your Nest device has picked up, such as passwords and bank account details.

The threat is much worse on a corporate level as the breach of a small device could lead to a firm’s entire IoT network being compromised. At last month’s InfoSecurity Europe conference, one speaker recalled a client case whereby the hacking of a smart kettle led resulted in the capturing of confidential board meetings via a smart TV camera. Such incidents leave companies vulnerable to ransomware attacks, which can end up costing firms large sums.

Measures to protect IoT
There are some simple steps to prevent your IoT network being attacked:

  • Create strong passwords – Yes, you’ve heard this a million times before, but if hackers gain access to your log-in details on one of your smart devices, then it is far easier for them to crack into your other accounts, stealing whatever personal or financial data they store
  • Stay up to date with system and security upgrades – Pop-up reminders shouldn’t be ignored; they are designed to eliminate vulnerabilities so out-of-date software is often the chink in your cyber-armour
  • Update your router too – Wi-Fi is at the centre of any IoT network, therefore it is arguably the simplest way for a hacker to gain access; make sure you are careful about how you share your password, and if your provider offers you a new router, take it
  • Use two-factor authentication – Using a different device (especially one outside the IoT network) to verify your log-in details makes it far harder for cybercriminals to mine your personal data.

At NWT, we have a team of highly experienced cybersecurity experts who publish white papers on the latest threats and are ready to assist clients in feeling more protected, whether that relates to their IoT network or any other issue. We offer a full security audit, which includes forensic analysis and penetration testing, to ensure that your security systems are fit for purpose.

To find out more information, click here.