Internet of Things Is The Next Big Security Risk

Uploaded on 2017-04-07 in TECHNOLOGY-Key Areas-Internet of Things, TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

The Internet of Things (IoT) has been the target of many recent high profile cyber-attacks, but the full scale of its vulnerability is yet to be seen.

Rick Conklin, vice president of engineering at Dispersive Networks, writing for the Entrepreneur, argues that attacks like that inflicted on Twitter in late 2016, which was caused by a surge of bots on hijacked unsecured IoT devices, are only set to become more commonplace.

According to Juniper Research, whose recently published report titled Internet of Things for Security Providers: Opportunities, Strategies, & Market Leaders 2016-2021 examined consumer and corporate IoT usage, the number of installed IoT devices for consumers alone will surpass over 15 billion units by 2021.

In another study, this time conducted by HP, it was found that some 70% of IoT devices are currently vulnerable to attack. When considered alongside how many unprotected devices will soon be online and susceptible, Conklin believes that the security risk posed is "beyond anything we've currently seen in the realm of cybersecurity".

However, he notes that much of this insecurity is down to bad security habits rather than sophisticated software or hackers. These include the use of pre-set passwords and default usernames.

Perhaps most significant is the threat posed to the healthcare system. Action Fraud issued a report on 17 February warning of the latest scam, this time coming in the form of a fake tax rebate. This is not the first time the NHS has been attacked.

Earlier in January, an investigation by National Health Executive (NHE) revealed that cyber-attacks on the NHS had more than quadrupled in the past four years.

Nor is it a uniquely British problem, as a report by the European Union Agency for Network and Internet Security (ENISA) last year uncovered an alarming trend across the EU of ransomware targeting MRI machines, CT scanners and even dialysis pumps.

The cyber security agency commented: "The need for improved, and even remote, patient care drives hospitals to transform by adapting smart solutions, ignoring sometimes the emerging security and safety issues. Nothing comes without a price: hospitals are the next target for cyber-attacks."

While these attacks were targeting data, a large-scale attack may put lives in danger if vital machinery is shut down.

Conklin suggests that hospitals "adopt improved security practices such as: password management, policies to ensure all devices are up to date/passwords get changed, network segmentation, software-defined network overlays with security built in and improved data management policies. Vital to ensuring that these practices get used successfully will be administrators that make them part of the hospital's workplace culture."

MisCo:

Internet of Insecure Things:

Internet of Things will drive the Digital Revolution of Industry:

 

« Technology Will Demolish Slow Internet Speeds
Warning Over Russia's Cyber Warfare Methods »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

AusCERT

AusCERT

AusCERT is the premier Computer Emergency Response Team (CERT) in Australia and a leading CERT in the Asia/Pacific region

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

mmCERT

mmCERT

mmCERT is the national Computer Emergency Response Team for Myanmar.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

HYAS Infosec

HYAS Infosec

HYAS is a highly skilled information security firm developing the next generation of information security technology.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

International Data Sanitization Consortium (IDSC)

International Data Sanitization Consortium (IDSC)

IDSC is a group composed of individuals and companies dedicated to standardizing terminology and practices across the data sanitization industry.

oneM2M

oneM2M

oneM2M is a global organization creating a scalable and interoperable standard for communications of devices and services used in M2M applications and the Internet of Things.

HSB

HSB

HSB offers insurance for equipment breakdown, cyber risk, data breach, identity recovery & employment practices liability.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

CIBR Warriors

CIBR Warriors

CIBR Warriors are a leading cyber security and networking staffing company that provides workforce solutions with businesses nationwide in the USA.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

European Data Protection Supervisor (EDPS)

European Data Protection Supervisor (EDPS)

The EDPS is the European Union’s independent data protection authority. We monitor and ensure the protection of personal data and privacy when EU institutions and bodies process personal information.

OpenAI

OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.

DeltaSpike

DeltaSpike

DeltaSpike empowers individuals and organizations worldwide through its comprehensive cybersecurity solutions.