IoT cyberattack: The complex relationship between connectivity and cybercrime

IMAGE CREDIT:
Image credit
iStock

IoT cyberattack: The complex relationship between connectivity and cybercrime

IoT cyberattack: The complex relationship between connectivity and cybercrime

Subheading text
As more people start using interconnected devices in their homes and work, what are the risks involved?
    • Author:
    • Author name
      Quantumrun Foresight
    • January 13, 2022

    Insight summary

    The Internet of Things (IoT), a network of interconnected smart devices, has seamlessly integrated technology into our daily lives, but it also presents significant cybersecurity risks. These risks range from cybercriminals gaining access to private information to the disruption of essential services in smart cities. The industry is responding to these challenges by reassessing the value chains of IoT products, developing global standards, increasing investments in regular software updates, and dedicating more resources to IoT security.

    IoT cyberattack context

    The IoT is a network that connects multiple devices, both consumer and industrial, enabling them to collect and transmit data wirelessly without the need for human intervention. This network can include various devices, many of which are marketed under the label of "smart." These devices, through their connectivity, have the ability to communicate with each other and with us, creating a seamless integration of technology into our daily lives.

    However, this interconnectedness also presents a potential risk. When these IoT devices fall prey to hacking, cybercriminals gain access to a wealth of private information, including contact lists, email addresses, and even patterns of consumption. When we consider the broader scale of smart cities, where public infrastructure such as transportation, water, and electricity systems are interconnected, the potential consequences become even more serious. Cybercriminals, in addition to stealing personal information, can disrupt these essential services, causing widespread chaos and inconvenience.

    Thus, it is crucial to prioritize cybersecurity in the design and implementation of any IoT project. Cybersecurity measures are not just an optional add-on, but an integral component that ensures the safe and secure functioning of these devices. By doing so, we can enjoy the conveniences offered by interconnectivity while minimizing the risks associated with it. 

    Disruptive impact

    To improve their cybersecurity profiles, companies involved in the IoT are reassessing their entire value chains of IoT products. The first element of this chain is the edge or local plane, which connects digital information with actual things, such as sensors and chips. The second factor to consider is the communication network, the primary connection between the digital and the physical. The last part of the value chain is the cloud, which sends, receives, and analyzes all the data needed to make IoT work. 

    Experts think that the weakest point in the value chain is the devices themselves due to firmware not being updated as often as they should be. Consulting firm Deloitte says that risk management and innovation should go hand in hand to ensure that systems have the latest cybersecurity. However, two main factors make IoT updates particularly difficult—market immaturity and complexity. Thus, the industry must be standardized—a goal that is beginning to take shape since the introduction of the common Matter protocol adopted by many IoT companies in 2021. 

    In 2020, the US released the Internet of Things Cybersecurity Improvement Act of 2020, which lists all the security standards and regulations that an IoT device should have before the government could purchase it. The bill’s guidelines were also created by the security organization National Institute of Standards and Technology, which could be a valuable reference for IoT and cybersecurity vendors.

    Implications of IoT cyberattack

    Wider implications relating to IoT cyberattacks may include:

    • The gradual development of global industry standards around IoT that promote device security and interoperability. 
    • Increased investments by leading technology companies into regular software/firmware updates for IoT devices.
    • Governments and private corporations increasingly dedicating personnel and resources to IoT security within their operations.
    • Heightened public fear and mistrust of technology slowing down the acceptance and adoption of new technologies.
    • The economic costs of dealing with cyberattacks leading to higher prices for consumers and lower profits for businesses.
    • Stricter regulations on data security and privacy, which could slow down technological progress but also protect citizens' rights.
    • People moving away from densely populated smart cities to less connected rural areas to avoid the risks associated with IoT.
    • A surge in demand for cybersecurity professionals, changing the labor market and leading to a skills gap in other areas.
    • The energy and resources required to combat cyberattacks and to replace compromised devices leading to an increase in electronic waste and energy consumption.

    Questions to consider

    • If you own an IoT device, how do you ensure that your data is secure?
    • What are the possible ways IoT devices could be protected from cyberattacks?

    Insight references

    The following popular and institutional links were referenced for this insight: