In the digital world, new innovation leads to increased vulnerability. IoT security might be most affected by the new cybercrime trends.
According to TechRepublic, the threat of cybercrime over individuals and companies is increasing at an alarming rate, causing a massive and quantifiable economic damage on a global scale. Over 90 million cyber attacks are estimated to be registered this year, which means 400 hacks every minute. October has been declared National Cyber Security Awareness Month in both the United States and Europe, in order to raise awareness of this growing threat.
In 2017, experts estimate that companies and individuals worldwide might face a double number of hacks. Almost 70 percent of these attacks will not even get noticed, yet the fallout can be massive. According to Senior Director of Security Consulting at cybersecurity firm Spirent, Sameer Dixit, companies lose an average of $15.4 million per attack.
Dixit explained that the incentive to hack is mostly financial because hackers can sell stolen data on underground black markets. Personal health information, personal identity information, credit card data, bank account into, Social Security numbers are all among the information sold on the Dark Web. And what is more alarming is the fact that with every new innovation emerge new threats.
Emerging technologies such as autonomous cars and the Internet of Things (IoT) bring new security challenges as well, according to ZDNet. The increase in the number of internet-enabled devices on the market leads to a proportional increase of the security threats associated with those devices. And security experts' predictions for emerging cybercrime trends in 2017 are looking gloomy as well.
The emerging IoT technologies have expanded from smart home appliances to security monitoring systems. With the expansion of the IoT market, new security challenges are becoming more serious as well. There are many devices that were not initially designed to be internet-enabled that are now connected online and all of them are potentially open to cyber attack.
With this expansion trend, the Internet of Things networks is becoming more vulnerable than ever before, especially when they are implemented without proactive testing. Hackers can discover now some new entry points that can be used to gain unauthorized access to our business networks and homes. And, what is even more worrisome, they can also intrude into our privacy.
The security threats posed by vulnerable IoT devices are very real. They need to be taken seriously and addressed with structural changes. It the right time now security experts focus more on IoT cybercrime issues and come with viable solutions.
After the recent massive IoT-fueled DDoS attack, no one should doubt anymore that Internet of Things devices poses a very serious security threat. But, unfortunately, many companies have yet to wake up and understand that the risk involved require solutions that include major structural changes.
IoT makes a new and different kind of security risk and we can't effectively fight against IoT cybercrime in an old-fashioned way. The structural changes required must involve IT C-level executives above IT, as pointed out by Evan Schuman in a Computerworld report.
Making structural changes to your enterprise IT department could make a profound difference in blocking attack scenarios such as allowing enterprise-owned IoT devices to attack your own company and allowing enterprise-owned IoT devices to participate in such an attack against others. But one of the structural IoT problems is the fact that usually many of these IoT devices are being approved and purchased far away from the IT team. One such example is the case of beacons purchased by Marketing or Operations, or purchasing light bulbs or door locks by Facilities.
Historically, IoT devices have never needed IT approvals, but this approach needs to change. Companies would need to consider a change in policies and require that the IT office approves all of the IoT devices, without exception. And any business manager should think more of security when dealing with seemingly inoffensive IoT items.