Skip to content

IoT Security Issues

Worldwide spending on the Internet of Things will total nearly $ 773 billion this year, IDC predicted.

The IoT will maintain a compound annual growth rate of 14.4% and spending will reach $ 1.1 trillion by 2021, according to the company's forecast at the end of last year.

IoT consumer spending will total $ 62 billion this year, making it the fourth largest segment of the industry after manufacturing, transportation and utilities. The main consumer-use cases will be related to the smart home, including home automation, security and smart appliances, according to IDC.

IoT's intersectoral spending, which includes connected vehicles and smart buildings, will cost $ 92 billion this year and will be among the top spending areas for the next three years.

The growth of IoT will be spurred by new approaches from companies such as Tuya Smart, which combines hardware access, cloud services and application development in a process that allows manufacturers to turn standard products into smart products in a day. .

IoT Shadow devices on corporate networks

One-third of businesses in the United States, the United Kingdom, and Germany have more than 1,000 IoT devices connected to their network each day, according to a recent Infoblox survey of 1,000 IT managers in the United States. in the United Kingdom, Germany and the UAE.

The indicated IoT shadow devices included the following:

  • Fitness Trackers – 49 percent
  • Digital assistants such as Amazon Alexa and Google Home – 47%;
  • Smart TV – 46 percent;
  • Smart kitchen appliances such as connected microwaves – 33%; and
  • Game consoles – 30%.

According to the Infoblox survey, 1,570 Google Home identifiable assistants were deployed on corporate networks in the United States in March. There were 2,350 identifiable smart TVs deployed on corporate networks in Germany and nearly 6,000 identifiable cameras deployed on British company networks.

See also  SEO: Management of Updates of Modern Algorithms

Shadow IoT devices are devices connected to the corporate network but not purchased or managed by IT, according to Infoblox.

"Often, IoT devices are added to the network without the direct knowledge of the computer," noted Bob Noel, director of strategic relations and marketing for

"Businesses need to pay attention to the deployment of IoT devices, which are routinely put online with default passwords, code inherited from known vulnerabilities, and a lack of defined policies and procedures to monitor them, leaving businesses behind. extremely vulnerable "he told the E-Commerce Times.

More than 80 percent of the companies surveyed said that security was the primary consideration in IoT buying decisions, said Brent Iadarola, vice president of mobile and wireless communications at Frost & Sullivan.

However, "the unfortunate reality today is that unknown assets and unmanaged networks continue to exist in enterprise networks and are often overlooked by vulnerability scanners and solutions. who monitor network changes, "he told the E-Commerce Times.

Yet, "we have begun to see a move towards integrated IoT security solutions that provide end-to-end collection, analysis, and response in a single management and operating platform," noted Iadarola.

Security for IoT

"The security of IoT is highly fragmented and many devices are vulnerable," observed Kristen Hanich, research analyst at Parks Associates.

"There are a lot of devices with known weaknesses that can easily be exploited by the currently available attacks," she told the E-Commerce Times.

Most of these devices will not receive protection updates, Hanich said, and "as most IoT devices are in place for years, if not decades, it will lead to hundreds of millions of dollars." Vulnerable devices. "

See also  The Growth of Retail Without Human Resources

Cybercriminals launch new, more creative attacks on IoT devices, either to compromise them or to exploit them in botnets.

For example, Wicked – the latest version of the Mirai botnet malware, originally released in 2016 – exploits at least three new exploits.

A new version of the Hide-and-Seek botnet, which controls over 32,000 IoT devices, uses custom peer-to-peer communication and multiple anti-sabotage techniques, according to BitDefender.

"We should be preparing for many years of attacks powered by IoT botnets," Sean Newman, director of product management for
Corero Security, told the E-Commerce Times.

Cost is a problem with IoT security, noted Parks Associates' Hanich. "Security needs to be integrated right from the start, which takes time and effort, and requires regular maintenance and updates after device sales, potentially for many years to come."

Many device makers are unaware of security to keep prices down, she said, because security "does not boost unit sales of their products."

Medical Devices and IoT Security

The health care component of the Internet of Things includes connected medical devices and consumer-oriented wearable devices, such as smartwatches and fitness trackers.

Medical device manufacturers are increasingly integrating connectivity to the Internet, but 53% of healthcare professionals and 43% of medical device manufacturers do not test their medical devices for security, Siddharth Shah, analyst at Frost & Sullivan

Few people have taken significant steps to avoid being hacked, he told the E-Commerce Times.

Network-connected medical devices "promise an entirely new level of value for patients and physicians," said Kamaljit Behera, health care sector analyst for Frost & Sullivan

See also  A new relational marketing center aims to achieve conversion rates


However, "they also introduce new vulnerabilities in cybersecurity that could affect clinical operations and endanger patient care," he told the E-Commerce Times.

"The perceived risk of connected medical devices within the hospital is high, but steps are currently being taken to prevent attacks," said Shah de Frost. "Still, there is a lot to do."

The risk for business networks to be hacked by medical devices related to health care "is not a big problem," according to Greg Caressi, head of the company. global business unit for transformational health at Frost & Sullivan.

"Personal devices are not usually connected to private enterprise networks other than IT providers in the health care sector," he told the E-Commerce Times.

Google and Apple led the charge of smart devices in the health field, along with other companies, such as fitness device manufacturers, as a result.

Richard Adhikari has been a reporter at ECT News Network since 2008. His fields of intervention are cybersecurity, mobile technologies, CRM, databases, the software development, the central and midrange computer. and the development of applications. He has written and edited for many publications, including Information Week and Computerworld . He is the author of two books on client / server technology.
Email Richard.