Predictions: Learning from the past as we advance IoT security in 2018 and beyond
The start of a new year always provides companies with a great opportunity to reflect on the challenges they’ve faced in the past 12 months and take stock of the lessons they might have learned from them. While 2017 has seen a large number and variety of cyberthreats hit companies around the globe, this trend is set to continue into 2018 and organizations should re-evaluate their practices now if they want to avoid being caught up in cyberattacks this year.
In 2017, contrary to what many were expecting, it wasn’t the development of sophisticated attacks that troubled Europe, but rather common, known vulnerabilities. For example, in February, bad actors took advantage of Spiral Toys which left 800,000 customers’ details and recorded conversations online and unencrypted. The product that left these details so vulnerable was an IoT teddy bear. Given how accessible known vulnerabilities are to both organizations and hackers, it is critical for enterprises to have good cyber hygiene to prevent hackers from taking advantage of a weak link and exploiting a given vulnerability before it can be patched or updated.
Below reveals what we foresee could happen next…
… from Ayelet Kutner, vice president of engineering, Innovation Center
OT cyberattack that ruffles calm waters. My crystal ball is telling me that as some organizations are slow to adopt IoT/OT security solutions, in 2018, we may see an attack on a large operational technology network — and it won’t necessarily be sophisticated — but it will be enough to significantly disturb normal business operations of an electrical company, water facility, etc. Or impair an organization’s ability to provide services, get paid by their customers, or a similar consequence in the U.S. or EU. It may be brute force or a distributed denial-of-service attack.
… from Jon Connet, senior director of corporate strategy, Business Development
The first IaaS breach, the rise of cyber-physical threats and pervasive encryption. We’ll likely see the first major data breach of an infrastructure-as-a-service vendor, as attackers and threats will continue to follow the data and money. The rise of cyber-physical threats will drive explosive growth in the cybersecurity insurance market. We will see progress on cybersecurity becoming a board-level issue, especially in the industrial space. Additionally, encryption will likely become increasingly pervasive in the corporate and consumer world, but advances in quantum computing may start to erode the effectiveness of traditional encryption approaches at the nation-state level.
… from Bob Reny, principal systems engineer
The intensity level for hacks will continue to rise. We’ve seen a major credit organization hacked… and, I expect moving forward the intensity of these hacks to only increase. Sadly, we may see someone harmed or killed because of rogue code on an IoT device, making it the first death by a remote hack. I also expect to see a change in how artificial intelligence starts to interact with people. Chatbots will become aware and start stealing data.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.