Is The IoT Getting Safer?

The lack of news about security breaches doesn’t mean the problem is solved.


The Internet of Things as we know it has been in use in some form or another for at least a decade, but it is only in the past several years that it has achieved enough success that security has become an overriding issue.

The fact that breaches are no longer shocking is a sign that attacks are becoming more common. Only the biggest and baddest hacks raise eyebrows, like today’s hack of Germany’s government networks, or the active assault by Russian hackers on U.S. elections and at the recent Winter Olympics. Even the FBI report last month that “cyber actors” are duping people into providing personal data and downloading malware by impersonating the Internet Crime Complaint Center, aka IC3, went largely unnoticed.

The list of known hacks is voluminous. The Mirai botnet DDoS attack on Dyn in 2016 was big news. The breach of almost every major hotel chain rewards plan and credit card information from major retailers has faded from sight. The hacking of Equifax?

Fig. 1: Attacks reported in the past year. Source: Radware/Cisco 2018 Annual Cybersecurity Report

All of this is made possible by the underlying connectivity and infrastructure that make the IoT possible. As more devices are connected to the Net, more breaches will occur. And what the IoT/IIoT offer to hackers is a greater attack surface with more ways in and more devices to search for weaknesses.

It’s not clear exactly when these problems really began. Much of that depends upon how you define the IoT. Both the IoT and IIoT are umbrella terms for an increasingly fragmented set of vertical markets or market segments that benefit in one way or another from being connected to the Internet. But what is clear is that the value of attacks is rising. Thieves are getting more sophisticated and much more active. According to the Cisco report, 53% of attacks result in damages of $500,000 or more, and the most challenging areas to defend are mobile devices and cloud data.

So what does this mean for the state of security today? While more security features are being built into devices, connectivity makes it more likely that they will be attacked. As with all good security approaches, no solution will ever be perfect, and no single measure (complex passwords, authentication keys, crypto chips) will provide complete protection.

Security needs to be as multi-layered as the technology it protects. If an attacker gets through one door, there needs to be another door and then another door. And if the hackers are persistent enough to get through all doors, the system needs to be able to shut down, reboot securely, and start up all over again with an entirely new set of doors and codes that are generated from one or more random number generators. Systems also need to have data motion detectors, so that anomalies in code sequences and changes in traffic volume set off alarms, and they need to be able to change so that when hackers figure out one loophole, it can be replaced by another.

Some of this is in place today. Some of it needs to be added into devices. And some of it needs to be regulated so that devices that do not meet best-practice requirements can be instantly identified and barred from accessing the IoT. Sooner or later everything will be hacked. The role of security is to make that as difficult as possible, and then to allow these systems to recover after that happens.

Despite the lack of screaming headlines, this problem isn’t going away. And as more devices generate more data from the IoT and IIoT, the problem will grow proportionately.
