The use of IoT devices is expected to reach 18 billion by 2022. What does this mean for cyber security?
“We are entering an age of dependence on technology, and that’s putting us at risk. Today, most security is reactive. We need to make security predictive,” stated Dr Hugh Thompson, Chief Technology Officer at Symantec at the 2018 CeBIT Conference in Sydney.
Cyber security attacks are increasingly sophisticated – and this is leading businesses to constantly ensure their systems, operations and data are protected from potential cyber threats. According to Thompson, cyber security is ever-evolving and what was effective five years ago is no longer viable today.
What does research on IoT show?
As the world’s population increases its usage of the internet, Cisco’s Visual Networking Index Forecast estimates that 4.6 billion internet users will be operating 27.1 billion individual networked devices globally by 2021.
Ericsson, a telecommunications company, expects that the number of Internet of Things (IoT) devices will surpass the number of mobile phones by the end of 2018 and will amount to 18 billion by 2022. By definition, IoT refers to smart devices being interconnected through the internet such as mobile phones, coffee machines, washing machines to even the toaster on the kitchen bench.
Gartner Inc. further revealed in a press release that the adoption rate for IoT-enabled devices has significantly driven data accumulation. The report also forecasts that people will globally be producing 163 zettabytes of data by 2025. In “The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation” report prepared collectively by the Future of Humanity Institute, University of Oxford, Centre for the Study of Existential Risk, University of Cambridge, Center for a New American Security, Electronic Frontier Foundation and OpenAI, industry experts predict that almost 92% of future human activities will either rely or be stored in the cloud. As such, the demand for more data centres will have to increase to meet the demand for more processing and data storage capacity.
Are our devices being weaponised against us?
Thompson pointed out that few people understand how IoT interconnectedness makes them more vulnerable to cyber attacks. As IoT devices are connected to the internet, they run the risk of being hacked into just like computers. Concerns are especially heightened when such devices are either camera-enabled or microphone-enabled.
IoT is a double-edged sword – while it improves operational efficiency and is cost effective; it also makes us more susceptible to cyber security attacks. 20% of organisations worldwide using IoT devices have experienced at least one cyber attack over the past few years. Jacqui McNamara, Head of Security Services at Telstra, further added that the world currently has a large surface attack and that it is therefore impossible for organisations and individuals to be 100% secure.
Are we cyber aware?
"A vast majority of people don't natively feel a sense of risk towards technology" stated Thompson. People are willing to take the risk and are not as vigilant about security in the virtual world. An example is how Facebook users did not delete their Facebook accounts in spite of the recent Facebook scandal with Cambridge Analytica – a political firm that gained access to more than 50 million Facebook accounts without the Facebook user’s consent. This goes to show how much personal data sharing we are willing to forego to be able to remain connected on social media platforms.
Thompson explained that for a long time, the answer to increased cyber security was to increase people’s cyber-awareness through training. However, the challenge with that was teaching someone the sense of risk as risk takes different shapes and forms. Thompson’s concern is that people have been trained with rules and are pre-conditioned to react in a specific way to known risks only, for example, not clicking on email links from unknown sources.
The concern however, is that people are not aware of other ways that hackers can steal their private information. Sophisticated hackers today employ search engine optimisation strategies to ensure that websites they control are ranked at the top of the page. In doing so, their victims are more likely to click on their links. “The end result is that people’s system is not just compromised, but their IoT devices are actually being “weaponised” against them,” said Thompson.
Data analytics to the rescue
Thompson reassured us however that measures and precautions can be taken to prevent potential cyber threats. In his opinion, data analytics is one solution to cyber threats. Through the use of analytics, companies would be able to focus on the value of data rather than spending time on how to respond to cyber attacks. Thompson suggested that IoT devices should come with a label just like a nutritional label would on food packaging. In doing so, people would have a clear understanding about the “sensory, connectivity and security” information of the IoT product – just like the equivalent of calories, protein and carbohydrates would be indicative of how healthy the food product is. Hence, having the specifications of the IoT product clearly communicated on a label would enable people to build preventive cyber security measures to safeguard their system.
McNamara also shared her expert insights on the impact that IoT may have on cyber security. Individuals’ increased use of unsecured wireless networks has led to a 300% growth in mobile malware every month for Telstra within the Asia Pacific region. However, hackers are still using traditional hacking methods via SMS and mobile banking Trojans to steal their victim’s information.
McNamara added that 90% of mobile security attacks can be prevented if organisations and individuals take the following measures:
- Use anti-fraud solutions such as Imperium to quickly identify and react to network and application attacks;
- Educate staff and one another about how to mitigate cyber security attacks and the relevant risks; and
We can help
If you are looking to hire cyber security experts or looking for an opportunity within the cyber security space, please do not hesitate to contact us via the form below. You may also follow Huxley on Linkedin to get in touch with us.