Acceleration of IoT Creates New Security Risks

Article date: Wed, 15 Jan 2020 09:55 GMT

Holly Williams

Technology experts are issuing fresh warnings about the security risks presented by the continued growth of Internet of Things (IoT) devices within both homes and businesses.

Gartner claims that 14.2 billion connected ‘things’ were in use in 2019, and that this will increase to a staggering 25 billion by 2021.

At the same time, the Ponemon Institute reports a dramatic increase in the number of organisations experiencing data breaches caused by unsecured IoT devices, up to 26% in 2019 from 15% in 2017.

These devices aim to simplify our lives, but at the same time, they amass huge amounts of data, which experts claim threaten user privacy and often lack proper security controls.

Recent high-profile privacy breaches involving IoT locks and webcams have fuelled fresh safety concerns.  

Holly Grace Williams, Technical Director at penetration testing firm Secarma, said: “There’s clearly still a significant education piece that needs to happen around the consumer approach to IoT. People put IoT locks and CCTV cameras into their homes in an attempt to make them more secure, and then connect them to the internet with insufficient security, which is ironic.

“Just this month, Amazon’s Ring, which develops home security products, fired four employees for accessing footage they shouldn’t have. In December a hacked Ring camera was used to spy on a young girl in her bedroom. This isn't theoretical or a ‘what if’, this is actually happening.

“I don’t believe that burglars are suddenly going to start learning how to hack to get access to buildings, but if somebody found a vulnerability in an IoT lock and released a public hacking tool, that massively reduces the barriers to entry and presents an even more significant risk.”

UKFast’s director of Enterprise Technology Chris Folkerd added: “The major issue in the IoT space is there's simply not enough regulation. There are no guarantees around the security of the devices that are being pushed out into homes and connected to business networks.

“If you’re considering using an IoT lock you need to do your research and be 100% certain about what you’re doing, because there’s a chance your insurance could become invalid.”

Experts also claim that the incoming 5G networks could encourage more use of IoT devices, broadening potential security vulnerabilities still further.

Williams said: “5G doesn't fundamentally change anything with regard to IoT, but it does enable faster internet speeds and more bandwidth. So if people are considering putting IoT devices on the internet, 5G might just entice them to do it. 5G also comes with its own security concerns.”

When asked what can be done to reduce exposure to security breaches when using IoT devices, Williams said: “Consumers need to ask themselves if it’s really necessary to connect their things to the internet. Is it giving them any major benefits? If the answer is ever ‘no’ then just don’t do it. Locks, toasters and fridges have been functional for years, do we really need to have them internet enabled? If you must have them, at least change the default passwords!

“Businesses can look at network segmentation, so that if an IoT device is compromised, attackers can’t use it as a pivot point to enter a corporate network.”

The comments were made at an event hosted by UKFast looking ahead at the key technology trends of 2020.

Watch the discussion in full

Print this article print this article.Return to Press Releases

Share with: