More and more devices are being connected to the internet every single day. But with these devices, security is often an afterthought and the outcome of these insecure devices can be very costly for companies and customers alike.
We are seeing an increasing number of IoT devices that are being exposed to vulnerabilities as insufficiently secure devices are communicating with users and each other in a more connected world.
The lack of security and the topic of IoT in general is dominating recent news with many reports focusing on IoT-related malware, cyber-attacks and growing consumer unease.
Here, we provide a round-up of some of the biggest security breaches in recent news that are influencing how we see security in connected IoT devices:
A survey, published in June 2017 by Altman Vilandrie & Company, found that as many as 48% of companies in the US have experienced a security breach. Companies with revenues under $5 million, saw estimated average costs of 13% of revenue as a result of the breach while larger companies saw it run into the millions.
The survey also identifies the potential vulnerabilities for firms as more devices becomes internet-dependent.
On 12th May 2017, a global cyber-attack infected more than 300,00 computers in over 150 countries including Russia, Taiwan, Ukraine and India. Often delivered via emails, the malware locks up the files with a demand for payment in bitcoin to regain access.
The ‘WannaCry’ malware hit some of the biggest organisations including the NHS in the UK, Interior Ministry in Russia, Telefonica in Spain and FedEx Corp. Many are labelling this a ‘wake-up’ call to consumers, organisations and the government in the importance of effectively securing devices.
The ransomware hit about 40 NHS organisations scrambling data on computers and demanding payments of £200 to £400 to restore access. The attack resulted in operations being cancelled, ambulances being diverted and documents being unavailable.
In April 2017, hackers activated all 156 of Dallas’s emergency alert sirens resulting in more than 4,400 calls to the 911 emergency call centre. The compromised alerts pushed waiting times of 911 calls from 10 seconds up to 6 minutes. This major breach identifies the necessity to safeguard major technology and infrastructure as connected devices grow and ransomware attacks increase.
A new IoT botnet, found on April 2017, has targeted over a 1,000 different models of IP cameras to carry out DDoS attacks. Researchers have discovered over 120,000 affected IP cameras around the world. These cameras were built to be easily set up by the user – a feature which has made it vulnerable to IoT malware.
IoT devices remain vulnerable to such attacks as manufactures rush to bring devices to the market and consumers lack the awareness and knowledge to protect against security attacks.
CloudPets toys connect to mobile apps that lets parents and loved ones send messages to their children through the soft toys. According to a security researcher, on February 2017, over 820,000 user accounts were exposed. The information was stored in an insecure database that didn’t require authentication, exposing personal information, photos and recordings of children’s voices.
With increasing number of organisations and individuals targeted by cyber terrorists, the focus needs to be on securing these devices and educating consumers to protect personal data and valuable property from risk.
The “Securing the Internet of Things” report conducts in-depth interviews with leading manufacturers and organisations in US and Europe to identify IoT vulnerabilities, threats and ways in which to mitigate high level risks. The research is used to make recommendations in next steps for vendors, consumers and the government.
To find out more about IoT security, check out the full “Securing the Internet of Things” report here: