5 Trends That Are Changing IoT Cybersecurity
It’s not surprising that, in light of the rapid adoption of IoT devices, which is expected to hit 13.8 billion this year, the security implications are rapidly evolving. In this blog we look at the cybersecurity developments that have grown out of that adoption: the good, the bad and the ugly, and how we expect they will change the way we use and secure IoT devices.
1. Government Labeling Mandate
A recent Executive Order released by the Biden Government has tasked the Director of NIST with developing a labeling program that educates the consumer public on the security capabilities of IoT devices. NIST is determining the criteria for grade levels that correspond to increasingly comprehensive cybersecurity testing and development of a connected product. Manufacturers, brands, and developers will be incentivized to participate, as the labeling program will change the way people shop for smart products, similar to how they shop for energy-efficient products.
The pandemic impacted the IoT arena in different ways, sometimes for good, many times not, but almost always unexpectedly.
IoT came to the fore as it eased the rapid transition to working from home. IoT sensors could track the movement of equipment and RFID-tagged products, which helped to effectively manage supply chain surpluses and deficits. Likewise, healthcare facilities were able to use medical IoT devices to prevent and better manage the spread of the virus, for example to perform better contact tracing and to remotely manage staff still required for patient care.
However, this upsurge in adoption didn’t come without its risks. No longer working within the safe confines of the enterprise network, remotely located employees are now routinely connecting to these remote devices and accessing work files from the same network to which they connect their smart home devices. Any device vulnerability on an employee’s home network automatically puts all other devices, even those connected to the work network, at risk.
Several solutions exist to minimize these risks, such as educating employees on security hygiene and using a VPN to enable secure remote connection. There has also been greater use of network segmentation and network access controls. However, throughout the coronavirus pandemic breaches have been at record high numbers, indicating that these solutions have only had moderate success. The enterprise attack surface that has been so dramatically widened needs to be reeled back in, and this is only going to happen with a proactive level of security, akin to EDR, installed on each and every connected device.
3. 5G Connectivity
Many countries around the world are investing in their 5G networks. The value of 5G to industry, manufacturing, and enterprise is undeniable for its ability to reduce latency and speed up connectivity between devices. However, the benefits of 5G don’t come without their risks. 5G networks significantly expand the attack surface of IoT devices for a number of reasons:
- Exacerbates network complexity. 5G is built on decomposed, virtualized, and distributed network functions, and this convergence both exposes new points of cyber attack and disrupts current cybersecurity management processes.
- Puts the enhanced connection between the physical and virtual worlds at risk. If a network is compromised, the consequences are no longer limited to the digital world but can cause damage in the physical environments where connected devices are used.
- Exposes insecure APIs to manipulation. 5G leverages APIs to enable communication between service functions; insecure APIs expose services to attack and put the entire 5G network at risk.
Organizations will need to overcome the enhanced risk of 5G by implementing security mechanisms that protect not only the infrastructure but also the IoT devices that run on it.
4. Embedded Flaws in IoT Software
At all stages of product development the objective is to maximize profit margins. For this reason, connected devices can often be built with open-source operating systems and external software that are free, but also laced with malicious bugs. The OpenSSL encryption library and the Unix shell are two examples of widely used open-source projects that had bugs embedded. This means that even if developed according to strict security-by-design requirements, products can still have significant security flaws.
The malicious code is embedded in the legitimate code and, once implemented, gives the hacker a direct foothold into the device. Through remote code execution they can carry out a range of attacks, from stealing data to gaining control over the IoT device and determining how it behaves. The widespread use of open-source OS and software in IoT product development means that these vulnerabilities are widespread and highly pervasive. To mitigate them, a proactive solution that operates as an endpoint detection and response (EDR) system is needed to continually monitor the device and ensure any suspicious behaviour is detected and stopped.
5. AI and Machine Learning
The pairing of IoT with advanced AI and machine learning represents, for many, the fourth industrial revolution, as it has allowed enterprise and industry to achieve a whole new level of performance and productivity that was previously impossible. IoT devices can be used to capture and generate massive amounts of data, which organizations can then feed to machine learning algorithms to gain real-time insight into what is happening in their operations, whether that be a production floor, a power plant, a smart city or a self-driving vehicle.
Yet, at the same time, hackers are also keen to take advantage of the enormous processing power that’s made possible by machine learning. While the use of AI for malicious purposes is well documented only within academic circles, little by little it is creeping into the wild. Nation-state actors and organized cyber gangs are getting involved as knowledge of AI disseminates and the tools to enable it become more available.
So how can AI be used for malicious purposes? AI algorithms can perform the repetitive tasks that are required to scale up an attack on a complex network of IoT devices. As organizations move from securing thousands of IoT devices to potentially millions, this creates a surge in network traffic that involves billions of time-varying signals. In this situation, AI could be used to analyze the environment, identify the weak spots through which an attack can be executed and provide insight on how to avoid being detected. The scope of capability will not only make attacks feasible to execute, but potentially far more devastating in their impact.