IoT promises tremendous leaps forward in almost every aspect of industry and business, as well as civic and personal life. However, it has also significantly raised the stakes for security by introducing a flood of new connected devices which are highly vulnerable to hacking. According to the U.S. Federal Trade Commission there are now twenty-five billion devices online — if research presented from a Hewlett Packard IoT security study is correct, between 70 and 80 percent of them may be insecure, lacking encryption and sufficient password protection. The danger, however, goes far beyond the individual vulnerability of these devices. Their connected nature means that they can be hijacked en masse to perpetrate large scale attacks that are, quite frankly, beyond the scope of anything we’ve seen before.
DNS provider Dyn’s well-publicized DDoS attack, which may have cost the company 8% of its business, shook the industry. Yet, this really was only a sampling of the danger posed by insecure IoT systems, which can threaten entire infrastructures. At Focus 16 Ted Koppel warned that an attack on IoT devices connected to the U.S. power grid could trigger a massive outage — the reality of which was proved when a group of researchers in Israel simulated such an attack on “smart lightbulbs” that controlled lights in a city block of offices. According to The Hacker News, attacks of this nature are growing in scale to exceed a terabit per second, meaning that the stakes in securing IoT systems are only going to increase. As organizations look to secure their networks, they must begin at the most fundamental level: the hardware.
Click here to read the full blog on Helium!