The Internet of Things is growing. Smart, connected devices range from highly intelligent, intricate devices to even your refrigerator at home. With the growing number of connected devices, it is now, more than ever, important that proper security architecture is in place to defend from malicious attacks. Already, there have been hacks involving smart home IoT devices allowing access into private networks; devices such as routers, smart TVs and even refrigerators.
The increase in connected devices in our everyday life could pose a security threat moving forward in the form of botnets. A botnet is a group of internet enabled devices or computers that have been remotely accessed without permission with intent to be used illicitly. For example, a botnet, formed of thousands of connected devices, can be used to continuously ping a server or website again and again until it fails. Note the latest US DDoS attack on Dyn using hacked cameras and DVRs.
While a botnet is not a brand new concept, it is becoming more and more possible to create with the increasing level of connected devices and decreasing security measures taken. There are many reasons why the Internet of Things could be contributing to this security concerns, but the main two are:
Increase in Connected Devices – Not all IoT devices can be used maliciously against a hacker’s target, but there are enough to make a difference. Gartner predicts that there will be over 20 billion connected devices by 2020. Even a percentage of this number could prove to be detrimental if compromised.
User Negligence – Many of these connected devices such as smart appliances, TVs, routers and smart door locks are much easier to compromise than they should be. This is due to the carelessness of the user. Many users take these devices out of package and fail to ever reset the password! Or even use the same passwords throughout all devices. These devices should have as much security effort put into them as a desktop computer.
It is also important that if a platform is used to manage these devices, there is optimal security architecture put into place from the beginning. This would be more in the case of a business or city using many smart devices on one network and one platform rather than on a consumer level. Proper security should monitor all devices separately, alert about malicious activity and automatically defend or shut down individual devices as needed. Botnets are a real concern, and IoT is only making them more of a threat. It is important that we take all security measures seriously when implementing devices into our life or deciding on an IoT platform to deploy into our business.