Experts Concerned Over Growing Security Threats Posed By 'Internet Of Things'

Experts Concerned Over Growing Security Threats Posed By 'Internet Of Things'

Sophisticated cybercrime has become an inescapable part of our world.

While there has been no shortage of variety in high profile attacks over the past several years, the term “hacking” typically has a very specific association, namely cybercriminals attempting to circumvent security protocols by faking authentication or breaking passwords.

Over time, however, hackers began to come up with some very unconventional methods of gaining illicit access. These tactics are almost always developed out of necessity, as many targets are immune to more classical methods.  

And hackers can certainly be creative.

At the recent conference of the Wall Street Journal CEO Council, an exclusive club of international business leaders organized by the newspaper of the same name, participants learned from cybersecurity experts the latest method in unconventional hacks. Nicole Eagan, the CEO of cybersecurity company Darktrace explained to listeners how one unnamed casino recently had its database of high rollers’ personal information stolen when hackers were able to breach the system via the Internet-connected thermostat.

This incredible hack, indeed an event that would be right at home in the pages of a popular spy novel, underscores the risk posed to networks by the evergrowing Internet of Things (IoT), the web of information flow created by the booming number of devices connected to the internet. The IoT is made up of an astoundingly wide range of stuff, from children's toys to commercial jets to remotely controllable light bulbs.

Needless to say, there are a lot of devices in the IoT. The number of total machines connected to the internet is expected to hit 50 billion by 2020. Gartner analysts estimate that over the next four years, the average home could have over 500 IoT gadgets installed in it. While this prospect has all types positive implications for improving our quality of life, from streamlining machine learning to expediting the flow and delivery of information, it also opens the door for some serious security vulnerabilities. Every IoT device is potentially an opening to the network to which it’s connected. While there are plenty of cyber security solutions that protect the system from direct illicit access, most are incapable of covering every access point exposed by the IoT. This is a particularly difficult challenge considering that (a) business want to give employees mobility by arming them with more and more portable internet devices like tablets and smartphones, and (b) common machines are increasingly being produced with web-connecting features. The hack described by Eagan is a poignant example of the dangers of this trend in action.   

The need for organizations to expand their connectivity to the internet and the threats this poses to networks, has triggered a whole new IT industry known as endpoint security. The challenge of endpoint security specialists is to give individuals and enterprises alike the freedom to increase their points of connection to the World Wide Web, without compromising their digital safety.      

Robert Hannigan, the former head of Britain’s digital spying agency GCHQ was also present at the WSJ conference and expanded on the growing problem of hackers targeting weak endpoints that companies need to face. "I saw a bank that had been hacked through its CCTV cameras because these devices are bought purely on cost," Hannigan told listeners. The former spy chief concluded: "with the internet of things producing thousands of new devices shoved onto the internet over the next few years, that's going to be an increasing problem.”

IoT vulnerability is one of the current examples of IT technology growing faster than our tools to secure them. Like most challenges in this field, the key to addressing this threat will be awareness. As users become more aware of the risks posed by the variety of machines and devices they connect to their company systems and personal accounts, hopefully the reality of IoT will become increasingly safer.