Introduction to IoT and Cybersecurity
The Internet of Things (IoT) refers to the interconnected network of physical devices, vehicles, buildings, and other items embedded with sensors, controllers, software, and connectivity that enable these objects to collect and exchange data. They are increasingly popular in homes, offices and factories, giving a wide range of convenience and insights. However, with the increasing number of connected devices, cybersecurity has become a critical concern for IoT.
Vulnerabilities in IoT Devices
IoT devices are often designed with convenience in mind and may not have robust security measures in place. To make them low power and low cost, many makers have resorted to using older versions of open-source software, locked password changes and disabled firmware updates. This can make them vulnerable to cyber-attacks.
Threats Networks connected to IoT Devices
Cyber criminals can also target the networks that IoT devices are connected to. For example, some hackers have used Point-of-Sales (POS) terminals to enter companies. This can result in data theft, loss of privacy, or disruption of essential services. In addition, attackers may use IoT devices as a launching pad to attack other systems. This is known as Distributed Denial of Service (DDoS) attack.
According to Sonicwall, a American cybersecurity vendor, IOT Malware increased by 77% in the first half of 2022 to 57 million instances. https://www.sonicwall.com/medialibrary/en/white-paper/mid-year-2022-cyber-threat-report.pdf
Nearer to home, StarHub’s network was attacked by IOT devices via DDoS back in 2016 https://www.straitstimes.com/tech/starhub-cyber-attacks-that-caused-broadband-outages-came-from-customers-infected-machines
Such is the concern that the EU has developed licensing requirements for IOT devices. https://techmonitor.ai/policy/privacy-and-data-protection/eu-cyber-resilience-act-iot-connected-devices
Singapore is also collaborating with other countries on IOT device cybersecurity. https://www.iottechnews.com/news/2022/nov/10/uk-canada-and-singapore-join-forces-secure-iot-devices/
Importance of Secure IoT Development and Deployment
Yes, it is important to secure IOT devices and networks. Personal home attacks may include hijacking your home nanny cam to attacking your routers and stealing personal passwords. More seriously, your factory may come to a grinding halt, or your company’s intellectual property may be stolen through vulnerable IOT device as entry points. Security involves implementing measures such as
- using strong passwords,
- regularly updating device software and firmware, and
- monitoring networks for signs of unusual activity.
In addition, organizations should
- develop and implement policies and procedures for secure IoT deployment, and
- regularly train employees on best practices for IoT security.
If your company develops IOT devices, your development teams must be trained to develop robust and secure codes using good development practices and methodologies.
Dream Catcher has a series of courses on Cybersecurity and IOT as well as software development on embedded devices.
CYBERSECURITY ESSENTIALS (IT1687)
CYBER SECURITY IMPLICATIONS AND AWARENESS FOR MANUFACTURING INDUSTRY (IT1639)
EMBEDDED SYSTEM DESIGN – INFORMATION SECURITY FOR IOT DEVICES (IOT735)
(We had ChatGPT write parts of this article.)
Leave A Comment