Any device connected to the internet can be hacked, attacked and misused by those with criminal intent. The number of “things” now connected to the Internet of Things (IoT) is ever-growing. Wi-Fi is the preferred network connection for consumer IoT, whereas, for industrial IoT, cellular is often required. But cellular connectivity poses some unique security challenges.

According to research results from Transforma Insights, the IoT has proliferated rapidly and is on course to reach 24.1 billion connected IoT devices by 2030, of which 4.7 billion will be public networks that are largely comprised of cellular connections. Although more secure than the public internet, devices connected to cellular networks require a thorough application of security best practices.

The good news is that there are more connected devices than ever before. In fact, McKinsey analysts estimate that 127 new devices are connected every second. The bad news is that each newly connected device represents security risks that are often overlooked or underestimated.

Begin Within

When we detect a threat, our first instinct is to find out everything there is to know about it, usually by focusing solely on external factors. However, when it comes to network security, the best place to start is internal factors. As a first step, ask your team to undertake an audit of your company’s security practices and identify where vulnerabilities expose your network. It may be hard to hear the painful truth, but you are infinitely better off knowing where your weaknesses lie so you can address them to ward off potential intruders.

Watch For Vulnerability Dominos

Whether sending commands to electric vehicle (EV) charging units, e-mobility docking stations or water-level sensors, communicating over the public cellular internet means vulnerability to external manipulation. If attackers succeed in compromising your IoT network, they can easily intercept unencrypted credentials and other vital information as it travels between devices. This could have widespread consequences in a connected ecosystem such as a smart city where, for example, the ride data from a shared scooter service feeds larger smart-city initiatives, supporting the “big data” projects that improve transportation across metropolitan areas.

In fact, with IoT security breaches, it is rarely a case of just one device or one dataset being compromised. Rather, when attackers crack one IoT device, they can potentially gain access to entire fleets of devices — and their data.

IoT devices on a cellular network are especially vulnerable to hacking attempts because, unlike devices on a Wi-Fi network, they are not necessarily in a secure facility. And even if they are, there is the potential for a determined hacker to plant a payload onto a central server and, from there, subvert devices on the network’s edge. Here are just three contemporary IoT-powered use cases that highlight the potential risks of unsecured devices:

1. EV chargers: Many nations are hurriedly rolling out charging infrastructures for EVs. Typically, these stations communicate over a cellular network. If the communication from the EV charger to the back-end system is not secure, a thief can circumvent charging protocols and trick the charger into delivering free electrons. Worse, if a coordinated attack was launched on a set of chargers, it could cause an electric grid overload.

2. Micromobility: Electric scooters use cellular and Bluetooth networks to report back to the scooter-share company’s central servers (for monitoring location, battery status and rider activity) and to interact with their riders’ mobile phones (for initiating a rental). Determined hackers have managed to override some scooters’ security and tracking software, scam free rides and even install malicious firmware to accelerate the scooter unpredictably and to override the speed-limiting controls to enable speeds of up to 40 mph.

3. Industry 4.0: As businesses accelerate their digital transformation to maintain a competitive edge, an enormous array of IoT sensors has been deployed. Cyberterrorism in industrial settings is certainly not new — the Stuxnet computer worm that wreaked havoc back in 2010 on Iran’s gas centrifuges for separating nuclear material is a classic example. Today’s factories are now bristling with exponentially more IoT devices connected (increasingly) over 5G networks. These represent an attractive target for a saboteur or cyberterrorist looking to hold a company hostage by gaining control of sensors and other IoT equipment along the assembly line.

Get Sassy

To guard against the countless IoT security threats that risk toppling even the most successful IoT solutions, you’ll want to consider multilayered network security. SASE, which stands for secure access service edge, moves networking and network security controls from the cloud to the network’s edge — as close to users as possible. By adopting the SASE model and its integrated services, it is possible for companies to obtain advanced network security from a single management platform without hindering network flexibility or speed of delivery.

Prioritize IoT Security Today

In summary, IoT device security demands that your team has the new skills required. Keep up with the latest standards. Consider replacing older devices that cannot support the latest security protocols. Pay special attention to third-party suppliers and manufacturers and require them to be SOC2 compliant. When possible, opt for more secure private cellular networks over the public internet.

Lastly, remember that any investment that goes into IoT device security — be it time, money or personnel — is an investment in the future of your business. In fact, your business may depend on it.

https://www.forbes.com/sites/forbestechcouncil/2021/12/10/how-to-recognize-security-threats-are-your-iot-devices-secure/?sh=b3dda8867b0a

 

Leave a Reply

EnglishFrenchKoreaSpain