С целью предоставления наиболее оперативного и индивидуализированного обслуживания на данном сайте используются cookie-файлы. Используя данный сайт, Вы даете свое согласие на использование нами cookie-файлов. Прочитайте больше о Политике использования сookie-файлов и Политике конфиденциальности.Я даю согласие
Internet-of-things (IoT) is growing exponentially across various industries and transforming our daily lives, such as automotive, healthcare, logistics, telecom and manufacturing. According to the forecast of IDC, there will be 41.6 billion connected IoT devices and generate 79.4 zettabytes (ZB) of data in 2025.
In general, a device with the ability to connect to the Internet can be considered as an IoT device. In the recent years, internet-connected gadgets and appliances become more common. When we tend to connect various smart devices over a network to enable seamless connections, large amounts of data is therefore transmitted between devices. However, this provides an opportunity for cybercriminals to take control of vulnerable devices and execute mass targeted attacks.
The Crisis of IoT
Recently, Microsoft announced that Russian hackers named “Strontium” have been using printers, video decoders and other IoT devices to break into corporate networks. In most cases, passwords for the devices were the easily guessable default ones, which opened the door for hackers to gain access to the targeted network readily.
It was not the first time for hackers to deliver cyberattacks via IoT devices. Unprecedented cyberattacks are capable of turning ordinary digital video recorders, CCTVs and routers into weapons and create thousands of loss. Mirai botnet is one of the famous IoT attacks which hit the US in 2016.
Mirai botnet took control of smart devices, such as CCTVs and webcams, and turned them into zombie machines that triggered the largest DDoS attack in the US in 2016. The servers of Dyn, a company that controls most of the Internet’s domain name system (DNS) were then overwhelmed. Thus, popular sites including Twitter, the Guardian, Netflix, Reddit, CNN and many others frequently visited sites in Europe and the US were taken down. It was estimated that tens of millions of IP addresses were used to flood a website with so much traffic that caused unprecedented outages.
Growing Security Challenges over the Internet
To ensure IoT cybersecurity, there are several challenges we need to concern.
Lack of after-sales updates is one of the security issues. Many developers focus on the product launch to optimize the sales growth whilst neglect after-sales security updates of the IoT devices. Without regular updates on security patches, firmware and software may result safe devices at time of purchase, but vulnerable to large-scale data breaches later on, that ruin an individual or company’s reputation.
Another challenge is the brute force attacks. Many devices come with a simple default username and password such as “admin”, “password” or “1234”, which allows hackers to break into IoT devices with easy-guessed combinations and trial-and-error. Always reset passwords with strong credentials to protect your devices.
Apart from devices, insecure communications can also be a way leads to security risks. The conservation through network sometimes contains personal information or business intelligence. To establish a secure and private transmission, communications across various IoT devices and platforms over the network should be encrypted to protect data security.
Smart and Secure Development of IoT
Considering the huge amount of personal data that IoT devices may collect and use, we are moving to an era of smart living with the rising demand of internet-connected gadgets and devices. Security has naturally remained one of the biggest challenges alongside the exponential growth of IoT. Looking forward, the convergence of blockchain technologies could possibly facilitate the development of IoT solutions. The development of IoT would be not “complete” without a mature and secure IoT infrastructure.
CITIC Telecom CPC provides one-stop shop managed security services, complementing multiple Security Operations Centers (SOCs) with high availability and disaster recovery functionality. We are here to help you achieve high levels of data and cloud security, and protect your business from cyber threats. Contact our security consultants now for a free consultation today!
Вы собираетесь посетить наш сайт