There is no question that the Internet of Things (IoT) has revolutionised commerce, providing service providers with a direct, vibrant and immediate channel of interaction with customers – and immediate gratification for consumers! However, the Internet is under threat from evolving cyberthreats and IoT security is of growing concern to the market.
This is according to Paul Evans, CEO of Redstor, an international data management and security specialist firm.
Evans says given that IoT devices need Internet to function, perhaps the real issue is around how to secure a network and ensure that it cannot be accessed by an unauthorised individual?
“Maybe so, however, for organisations of all sizes IoT can mean something slightly different; network connected devices such as printers, CCTV, webcams and Wi-Fi routers represent the IoT landscape as it currently stands for businesses and in everyday office life there seems nothing threatening about this,” he continues.
Redstor says IoT has a shady reputation as far as security is concerned, and known for poor levels and regular hacks.
As Evans explains, hackers have worked out how to transform connected devices into botnets to launch large-scale attacks on other organisations and networks.
The company continues that in 2016, hackers were able to turn over 150,000 IoT devices into botnets and initiate an attack with global repercussions.
“The problem stemmed from poor credential management; the Mirai strain of malware used, took advantage of default passwords and account settings and with relative ease was able access the devices,” Evans says.
While it is difficult to predict when a network could be at risk and even fend off any attacks, it is possible to limit the potential fallout of an attack by taking proactive steps to mitigate risks and effects.
“With IoT devices the solution lies in the way they are set up and administered; hosting IoT devices on a separate network to core business or organisational systems will begin to mitigate the damage that can be done,” Evans continues.
When it comes to IoT and devices, the key thing is to regularly update passwords and this cannot be basic or obvious.
Network monitoring tools can also be implemented to help assure the protection of office devices.
Redstor says whilst this may not stop an attack it may pick one up, and flag up any vulnerabilities within systems allowing network managers to patch and prevent future attacks.