Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

THREE PRESSING CYBER THREATS FOR IOT IN 2018

THREE PRESSING CYBER THREATS FOR IOT IN 2018

Published : , on

By Kristofer Mansson, CEO of Silobreaker

Every year we see new pressing cyber threats, from new targets for hackers to new issues cropping up in the cybersecurity space. 2018 will be no different. One area that has recently got a lot of attention is IoT devices, as the use of such devices has increased in both the public and private sectors. Here at Silobreaker we are keen to highlight three pressing cyber threats to IoT devices that we believe enterprises need to be aware of:

Industrial Take-Downs

By 2020 it is expected that 25% of cyber-attacks will target IoT devices, many of which will be deployed in industrial environments. Infection and covert usage of IoT devices to mine cryptocurrencies or conduct DDoS attacks is a trend that isn’t slowing down, and one that is especially problematic in the industrial space because Industrial IoT devices tend to be both poorly secured and difficult to patch, especially across a distributed environment such as manufacturing.

It’s true that Mirai, and variants such as Okiru and Satori, pose a major risk to manufacturing, where the reduction of a connected device’s processing power can seriously impact safety or disrupt processes. But there is also the potential for untargeted, collateral damage in this space. The prospect of motivated attackers leveraging destructive malware such as BrickerBot to wipe devices is highly concerning, but such ‘attacks’ need not even be targeted to cause damage. A wormable exploit such as the one used by WannaCry could cause widespread infection of industrial IoT devices –  to devastating effect – quite regardless of the original intentions of the attacker. We expect to see a major event of this kind take place in 2018.

Bringing in the Professionals

Another pressing threat for 2018 is a dearth of skills and resources. Humans are still the weakest link in the security chain, but hiring and training people who can understand and respond to issues in the threat space is only becoming more difficult. Demand is rising much faster than supply, with 3.5 million unfilled positions in the cyber security field expected by 2021. At the same time, the eternal catch-up game played between criminals and analysts continues, with threats becoming more sophisticated and widespread every day.

As we further integrate IoT technology into our lives and into sectors such as manufacturing and critical infrastructure, this problem is not going to go away – it is going to get worse. The skills we need to protect ourselves: analysing information, separating intelligence from noise, and understanding the motivations of threat actors, are in short supply. They need to be cultivated. And to some extent this is happening; we’re simply not doing it fast enough. If this skills gap widens too fast, and too quickly, it won’t matter how much companies are willing to pay to fill these vital positions; we will all become victims.

To mitigate this issue, we need to put more effort than ever into hiring, training and retaining the next generation of cyber security experts. Information security is increasingly being viewed as more than an IT-only problem, which is a big step, but budgets don’t always scale with intentions. Yes, working to improve the “cyber hygiene” of employees is important, but no organisation is unbreachable. And we need many more skilled people if we want to be prepared for when the worst happens.

The Most Tantalising Treasure is Data

Theft and manipulation of personal information from IoT devices is a growing concern for 2018. With IoT machines becoming ever more popular with consumers, we need to come to terms with the idea that our personal information is more at risk than ever. Devices such as Amazon’s Echo and other virtual assistants allow us to (often unwittingly) sacrifice convenience for security – as we learned when a researcher used malware to stream audio to a remote server. Or when a Bluetooth vulnerability rendered Echo, Google Home and billions of other devices vulnerable to hijacking. We don’t know all the potential methods by which our personal information – what we say and do in our own homes – can be used against us, because having one’s personal life potentially exposed in this way is brand new. Identity theft and the resale of shopping habits are all perfectly possible, but this data can also enable crime in the physical world. If you’ve suddenly stopped ordering your weekly groceries, maybe there’s nobody at home? Assuming such information can be accessed, it will certainly be sold.

Mitigating data theft from devices like Echo is both a manufacturer issue and a consumer one. The more these devices are sold and used, the more attractive targeting them becomes for criminals. At the same time, the longer consumers wait before purchasing, the more tried and tested (and secure) this technology becomes. Purchasing from quality vendors will also reduce the risk of security ‘oversights’ and make sure that vulnerabilities are patched. Fundamentally, it also comes back to the very personal question of convenience versus security; to what extent are the risks worth the rewards? Caveat emptor.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post