The internet of things: The cyber security risks and how to protect against them

While the IoT affords many advantages by connecting the world, security risks pertaining to IoT are growing and rapidly evolving.

Recently, the UK’s National Health Service encountered a devastating multi-national cyber-attack. Investigators have since discovered that this was only a small part of a simultaneous attack with over 57,000 ‘infections’ found in 99 countries across the world. Russia, Ukraine and Taiwan were the top targets and UK Prime Minister Theresa May called the attacks “unprecedented”. 

This multi-national cyber-attack serves as a reminder that cybercrime poses a huge threat to businesses, organisations and individuals across the world. In an age of hyper-connectivity, cyber attackers, usually looking to steal personal data, have more opportunities than ever.  This increased hyper-connectivity is a result of the constantly expanding ‘Internet of Things’, which is transforming the digital world and has the potential to impact every business, organisation, and person. 

The Internet of Things (IoT), which is the inter-networking of physical devices, has been described as the next ‘industrial revolution’. The number of internet enabled hardware devices is expected to exceed 50 billion by 2020; connected devices can range from health monitoring implants, chips on farm animals, smart cities, cars equipped with wireless networks, and fitness trackers. The advances of the IoT are emerging so quickly that it’s hard to foresee what may be next and, as a result, means that as businesses, organisations and individuals, we are more exposed to cyber-attacks.

Businesses can reap huge benefits from this heightened inter-connectivity on a daily basis. The constantly improving networking capabilities of every day devices used in the home, office, vehicles and factories open up a huge opportunity for business improvement and customer satisfaction. For example, businesses can use connected devices for tracking and stock control, shipping and locating objects, security monitoring, and energy conservation. Experts predict that from 2015 to 2020 business investments in the IoT will grow from $215 billion to $832 billion.

Designing security at hardware level

While the IoT affords many advantages by connecting the world, security risks pertaining to IoT are growing and rapidly evolving. A recent report by Samsung shows that there is a need to safeguard every device by 2020. Samsung’s ‘Open Economy’ document argues, “There is a very clear danger that technology is running ahead of the game.”   The complications involved with hundreds of detectors constantly collecting data within a single institution create innumerable complexities and technical challenges. With no plan to analyse and protect such large amounts of data, issues of compatibility occur. Some organisations are slow to perform risk assessments due to fear of what they may find – the associated costs of addressing the vulnerabilities are often high.  Once an organisation is made aware of a vulnerability, there is an increased pressure to mitigate.  

It is critical to understand the progressive and sophisticated threats that cyberattacks represent to every aspect of a business. We must advance cyber threat detection capabilities and implement robust layered hardware and software protection for networks. Today’s standards for annual audits of public companies should include a cyber threat vulnerability analysis, and most of the better recognised independent audit organisations have well versed expertise in these areas. In order to execute such checks, c-suite executives need to proactively stay engaged in cyber defense initiatives and be held accountable should cybersecurity breaches occur.

To date, the response to cybersecurity attacks has primarily been a software response post-breach. To protect our countries and economic infrastructure, cybersecurity needs to be designed and implemented at the hardware level with the software protective gates and layers designed to be an integral part of the hardware’s functionality. Our 109,000 square-foot BRIDG facility opened in Florida in March 2017 and is the world’s first industry-led smart sensor consortium providing all-inclusive solutions to bridge the technology and capability gaps across multiple fields. We are currently working with a number of companies on the development of security products that would be incorporated into IoT devices and thus connected to various networks. 

It will be fascinating to see how the IoT develops over the next few years and starts to make our lives easier.  At the current rate that the IoT is evolving, who knows what developments we can expect? The market for connected cars alone is projected to reach $54 billion in the next two years. The IoT market for healthcare is estimated to reach $117 billion by 2020 from applications like patient monitoring devices to hospital operation devices. Through working with our partner companies and universities, at BRIDG we are already planning for tomorrow’s emerging technologies. Our flexible and adaptable ‘clean rooms’ mean we have space to accommodate a variety of activities.  

Recognising threats

We recognise the challenges faced by the IoT, and we bridge together high technology with university and industry-related research to businesses so they can take practical advantage of that technology. Our state of the art facilities helps us bring to light new and existing ideas for our partners. The facilities here have specifically been built with hundreds of pylons to minimise vibrations; the buildings have 140 air changes per hour to reduce dust; and our labs also contain ‘clean rooms’ to reduce potential pollutants. 

Clearly the IoT has the potential to substantially change every aspect of our lives from the food chain to how we take a more active role in managing our health to the way we spend the hours we have every day.  With financial, medical, and personal data at the increased risk of being maliciously exploited, we need to hold ourselves accountable to ask the fundamental questions about every device we connect to our home or business network; “Am I able to fully understand the risks and safeguards included in this device?  If not, do I know where this device was made? Do I trust the source and associated supply chain?”  Making informed decisions considering the answers to the questions will allow us to reap the net value from the future of IoT. 

Chester Kennedy, CEO, BRIDG
Image Credit: Jefferrb / Pixabay