bakhtiarzein - Fotolia

IoT is good news for hackers

Technology companies, governments and the insurance industry need to band together to counter the mounting cyber threats from the internet of things

The world is preparing to put tens of millions of connected cars on the road, hundreds of millions of smart appliances in our homes and build as many as 61 nuclear plants to power cities.

In the Asia-Pacific (APAC) alone, the number of internet of things (IoT) devices is expected to jump 300% by 2023, exceeding that of any other region.

This is already translating to higher spending on IoT. In 2013, IoT raked in revenues worth approximately $5bn, a figure that grew to $28bn in 2016 with a compound annual growth rate of 43.6%.

China and Japan have been the largest contributors to the IoT market, and were responsible for 78% of the market in 2013. Their market dominance is expected to continue in 2017, with India following closely behind. From accounting for 2.9% of the market in 2013, India’s share of the APAC IoT market will grow to 10% in 2017.

The scale of IoT is incredible, even at an early stage of innovation where there has been a growing diversity of devices. However, its potential as a vector for cyber attacks will only grow. Throughout history, cyber criminals have always kept pace with innovation cycles and IoT is no exception.

Take the WannaCry ransomware that infected many businesses earlier this year. Although it did not target IoT devices, many connected devices run embedded operating systems that may not have been patched to handle the latest attacks. Imagine the potential damage for essential sectors such as healthcare where data is locked up for ransom.

Mirai, on the other hand, was used to launch distributed denial of service (DDoS) attacks that specifically targeted Linux-based IoT devices in 2016.

Although Mirai and WannaCry had attracted global attention, the attitude of IT professionals has not kept pace with the advances of such malware. Studies have shown that businesses and IT professionals were “very concerned” about cyber attacks, but very few have made sufficient efforts to secure their IoT devices and applications.

With the advent of new technology, manufacturers are rushing to roll out new capabilities in their devices without paying enough attention to device security at the design stage. By the time these devices are secured against existing vulnerabilities and risks, cyber attacks would have evolved into new levels of sophistication.

Asia may be most vulnerable

The frequency, scale and intensity of cyber attacks are expected to increase yearly, more so with IoT devices that increase an organisation’s attack surface.

The technology sector, security companies, government agencies and the insurance industry should band together to address fast-evolving security threats, especially attacks on connected devices that pose a monumental threat to homes and individuals beyond governments and business.

IoT presents a connected yet complex world and in face of a threat, there may not be 100% protection. The only defence strategy is to be prepared at all times.

Read more about IoT in APAC

The IT industry needs to continue to be more vigilant and businesses must be more prepared with adequate business planning and recovery strategies. Networks have evolved to be more elastic and resilient, and new developments such as artificial intelligence may help lower the risks with auto-recovery capabilities.

Countries in APAC are investing, initiating, and spreading awareness about IoT as they aim to connect up millions of devices to improve lives and business productivity. The near future foretells an interesting time and incredible developments. 

Read more on Internet of Things (IoT)