4 Important concerns about IoT security

AT&T experts have seen a dramatic 458 percent increase in IoT vulnerability scans against devices since 2013

by Scott Koegler

As the number of devices connected to the Internet of Things (IoT) soars, they are becoming a more frequent target for hackers. IoT devices are potential gateways into your enterprise systems because they are widely distributed, and security standards are not yet established for many of the devices.

Hackers are scanning for IoT vulnerabilities at a frenetic pace. As noted in “The CEO’s Guide to Securing the Internet of Things”, the second edition of AT&T Cybersecurity Insights, AT&T experts have seen a dramatic 458 percent increase in IoT vulnerability scans against devices since 2013. A scan represents an adversary looking for weaknesses in your network defenses.

The cost per security incident also keeps rising. The number of organizations reporting financial hits of $20 million or more in 2014 increased 92 percent compared to 2013, according to “The Global State of Information Security Survey 2015” from consulting firm PwC US and CIO and CSO magazines.

There are several issues that you and your IT staff must grapple with as you work to maintain the security of the enterprise. Here are four of the most pressing:

1. Billions of different endpoints. Each IoT device by definition communicates with a network, meaning each is an endpoint for an enterprise system somewhere. It’s reasonable to expect that as IoT technology matures, devices will become more secure, but there is no assurance that older units will be updated or replaced. The number of IoT-connected devices is projected to soar beyond 30 billion by 2020. There will be many types of connected devices, and each will have vulnerabilities.

2. Enterprise interoperability. Intentional connections between IoT devices and the enterprise can be controlled and managed through appropriate systems. But, as we’ve learned by dealing with bring your own device (BYOD) and wearables, there are plenty of unknown interactions. In many cases, only those unknown connections that are exploited are ever discovered. Undiscovered connections can lie unused for long periods until they are called into service to carry out an intrusion.

3. Dissimilar devices everywhere. IoT devices are different from many of the systems your IT staff is accustomed to working with because they are embedded in other devices. Rather than managing TCP/IP and 802.11 protocols, tech workers will need to learn IoT6, Zigbee, and others. These won’t replace existing systems but rather connect with them and extend them, complicating and increasing the number of layers in the protocol stack. In addition, because some devices have very long lives, devices may remain in service much longer, because changing out the computing device means also replacing the unit it controls.

4. Connections to the physical world. Intelligence is being added to industrial controls, healthcare systems, automobiles, and other platforms so they can be more efficiently managed through remote access. When these systems are hijacked in attempts to reach enterprise data connected to their back-end systems, they can cause physical harm along the way. Devices like pumps that administer medication, for example, can be connected to hospital inventory and ERP systems that are, in turn, connected to the supply chain. But along the way, they are attached to patients. Interruptions that are side effects of the intrusion can cause changes to dosages and be life threatening.

IoT is already changing how IT deals with security. The immediate remedy is to increase IT’s understanding of the specific changes they are dealing with and to harden its defenses at the connecting points between enterprise computing and IoT.