When it comes to the Internet of Things (IoT), security is one of the top issues. Nowadays, we use the Internet for just about everything from checking our bank account balances to storing personal health information. IoT security issues are undoubtedly a main focus for those who work in cyber security roles. Let's take a look at some of these issues and how cyber security experts are working to keep us safe while we use the internet to improve our lives.
IoT Security Considerations
It was not long ago when people used the Internet mainly for checking the news, sending and receiving e-mail and interacting with others in online chat rooms. In the past two decades we have rapidly accelerated to the point where most people in first world countries are using the Internet throughout the day for a variety of purposes. Today, people wear medical devices and other Internet connected “wearables” while exercising, sleeping, walking and performing other activities. These electronic devices are engineered to automatically connect to the Internet and report user activity, access downloads or improve customers' lives in some way.
Unfortunately, there is a downside to always being connected online. Malicious individuals are targeting wearables and other IoT devices to steal personal information and wreak havoc by compromising data security. As one of the more popular wearable items today, smart fitness bands such as Fitbit, Nike FuelBand or Pebble Watch have also been targeted. This technology is used to measure different activities, including tracking the amount of steps a user has walked in a day or hours of sleep they get each night. Although this seems like useless information for cybercriminals to obtain, experts actually predict that this type of personal data can, in fact, be invaluable.
For example, most people turn on their Fitbit when they leave the house for their daily hike, afternoon errands, or even work. If a hacker gains access to the data on this personal device, they can determine where their target lives, works, and where they are going while the Fitbit is turned on. The hacker could then use this information to hack into their work, steal items from an empty home, or utilize the personal data to steal more information. Those who scheme to access web connected fitness devices can get their hands on personal medical/health information stored on private networks as well as other devices connected to such networks.
These criminals are constantly attempting to access devices that everyday Americans rely on for home health care and personal health. If they infiltrate these devices, they can access sensitive data and even alter the coding that determines when medicines are dispensed. Because of this, cybersecurity experts are working around the clock to prevent such cloud security issues. These are the individuals who we trust to address these network security challenges, implement security patches for IoT devices and troubleshoot them for vulnerabilities.
Proactively Keeping IoT Devices Secure
The Open Web Application Security Project (OWASP) is one organization that strives to identify IoT vulnerabilities. This is a non-profit group centered on improving security software to improve the lives of everyday people. The group's aim is to make IoT security highly visible to enhance the knowledge of citizens and key decision makers around the globe.
Web security professionals at the cyber security company called Veracode recently studied IoT consumer devices and found that most are highly vulnerable to attacks. The company monitored the data going in and out of numerous IoT devices and uncovered an egregious amount of security risks. Veracode states, “Leveraging information from Ubi could enable cybercriminals to know exactly when to expect a user to be home based on when there is an increase in ambient noise or light in the room, which could facilitate a robbery, or even stalking in the case of a celebrity or an angry ex. Taking advantage of security vulnerabilities within a Wink Relay or Ubi device, cybercriminals could turn the microphones on and listen to any conversations within earshot of the device, supporting blackmail efforts or capturing business intelligence from a user’s employer in the case of a home office. Applying vulnerabilities found in the Chamberlain MyQ system, thieves could be notified when a garage door is opened or closed, indicating a window of opportunity to rob the house.”
These findings are proof that it is extraordinarily difficult to keep IoT devices completely secure. Sometimes, our devices such as smart phones or tablets have minimal processing power that often prevents the implementation of thorough encryption as well as other security measures. This makes it challenging to update or “patch” this technology with a quick fix. Add in the fact that some of these machines are cheap and sometimes made to be disposed of and it is easy to understand why IoT security problems are becoming so commonplace.
The Growing Need for Cyber Security Professionals
Cybersecurity professionals are constantly implementing solutions by way of new coding, software updates, and improved security measures. Many rely on tools like the Android Debug Bridge to troubleshoot IoT software and identify answers to potential security problems. Others stress the need to emphasize security during the device creation process, focusing on “future-proofing” these devices and reinforcing access control and device authentication. More companies are hiring cybersecurity experts to implement these highly complex solutions as a part of expansive data security management teams.
Customers will grow increasingly concerned about the security of their IoT devices as more security breaches occur in the future. The savviest executives are ramping up their cybersecurity hiring efforts to enhance product security and maintain the support of customers far into the future.
There is no doubt that IoT will continue to grow in the future. It’s expected that there will be more than 50 billion electronic devices connected to the Internet by 2020. The need for cybersecurity professionals will also increase as we rely on the Internet for more aspects of our daily lives. Whether it is a smart grid, a public WiFi network, mobile health devices or another IoT device, there are endless threats that cybersecurity experts must plan for, coordinate and prevent.
While improving day-to-day life through IoT seems fantastic, connecting the majority of our devices to the Internet can actually be quite risky. Today, about 70% of the most popular IoT devices are considered to be vulnerable. They aren't stable enough when it comes to password security, user access privileges or encryption. As everything from the refrigerator to the washer, dryer, garage and other key electronic devices are connecting to the Internet, each is vulnerable to attacks that are constantly being warded off by cybersecurity forces.
Cyber security professionals will continue to prove critical in safeguarding our personal information as well as this amazing technology. These individuals monitor networks and track down hackers to help prevent our connected devices from being controlled by malevolent individuals with sinister motives.
Learn about the rewarding careers in cybersecurity
- :: Discover the latest technology used by professionals in this field.
- :: Learn how to incorporate your skills to improve security measures
- :: Find out how to leverage your degree to advance your career