Category Archives: IoT

Beyond Imagination – The Real-Life Cases of IoT Security and Failures

The Internet of Things (IoT) has changed the way businesses operate. By integrating technology into our daily lives, we have opened a door to an entirely new level of innovation. Start-ups, massive conglomerates and everyone in between is doing the best they can to push their IoT devices out into the market, making competition fierce. This era of technological innovation has been dubbed “the IoT gold rush” by Emerald and others. With projections of twenty-four billion IoT devices existing by 2020, this technology is quickly taking over the globe.


However, as manufacturers rush to make their products the next big thing, they have overlooked one major detail that may end this IoT gold rush soon; the lack of security in IoT devices. In hindsight, it can be considered to be a simple mistake. New technology excites people; it would not be such a far stretch as to say that innovators wanted people to see their new idea before looking into security details. However, with half a billion IoT devices vulnerable to security threats, one wonders if corporations have done everything in their power to protect consumers. In this article, we will talk about some instances where IoT devices failed to provide sufficient security, its consequences and what has been done since to improve security in IoT devices.




Case #1: Hacking At An Austrian Hotel

This case is the first of many cases that have emerged in the last few years that have essentially outlined the security shortcomings with the use of the IoT technology. As the case goes, an Austrian hotel’s computer network was hijacked by something called ransomware. For those that don’t know, ransomware is a form of malicious software (or malware) that, once it’s taken over your computer, threatens you with harm, usually by denying you access to your data.


The attacker demands a ransom from the victim, promising — not always truthfully — to restore access to the data upon payment.       CSO from IDG

Victims are given instructions on how to make the payment- this usually costs somewhere between a few hundred to thousands of dollars, payable by cryptocurrency like Bitcoin.

In the hotel’s case, it was email demanding two bitcoins- the equivalent of $1800. The hotel was at full capacity and had to pay up as its reservation system, key card system and even its database were all locked up. Customers were complaining and there was nothing that the manager could do.


After the incident, the hotel went back to using the mechanical lock and key system in fear of another attack. This story is the classic example of how the lack of security in the IoT network might actually open a whole host of opportunities for hackers and criminals alike to exploit. The hotel went back to basics after that incident; is this a foreshadowing of how our lives will be affected by IoT?


Case #2: The Mirai DDoS Attacks

Another disturbing incident occurred in late 2016 when the entire east coast of the United State lost access to the internet due to a botnet called Mirai. Even though it was essentially created to make a few quick bucks off of Minecraft, the idea quickly ran wild and after its code was uploaded online – something that hackers do to shroud their digital footprints – a hacker used it to attack an IT infrastructure company named Dyn which led to the disaster in the east coast.


The FBI got involved and even though the creator of Mirai was caught and pled guilty- the foundation of Mirai is out in the internet forever. Experts believe that criminals might even use its code as a basis for a stronger attack. In fact, there have been reports of many botnets inspired by Mirai that have affected countless people worldwide.


From these attacks, we can determine that the threat is very real but there are still many unprotected IoT device worldwide. Thankfully, in the wake of these attacks, many people have come forward asking tech companies to be cautious of security failure.


After the Mirai incident, researchers have stepped forward to make the case of security in IoT devices. In fact, Eric Zeng, Shirirang Mare and Franziska Roesner of the University of Washington carried out their own research on individuals that have smart homes to understand the security concerns and bridge the gap in information. Their finds were interesting and helped to explain and understand consumer mindset, security concerns as well as mental models for their security systems. If anything, this study helped to understand many safety concerns which had previously simply been there. This study was able to give recommendations for future updates and is just an example of how all hope is not lost for the IoT business.


It’s new; there have been security problems, but experts are doing their best to keep up with the rapid advancement in this sector and have begun to find solutions for security problems.


Case #3: The Tesla IoT Car

Luckily, all is not as bleak as it seems. As seen in the case of Tesla vehicles, not all IoT devices are doomed for failure. In this post, a group of MIT alums in Northern California have talked about Tesla automobiles – the benefits and potential threats that comes with them and what it means for the world.


Interestingly, unlike the previous case studies, we find that the overall tone behind this article is positive with a few words of caution because, well, Internet of Things is still relatively new today and therefore, it is quite difficult to predict the problems we might face in the future. Nonetheless, this case study highlights how – when security is taken into consideration – IoT can be an awesome thing.


One of Tesla’s key policies to ensuring that their security system remains up to date and free from malicious hacks is by rewarding any hacker that is able to hack into the system. This means that its team is constantly improving its network. In fact, the car has been called one of the safest vehicles ever created by the NHTSA.



Case #4: Stanley Black & Decker

Stanley Black & Decker is an S&P 500 company that has shown us how well industrial IoT can work if used correctly. As per inductiveautomation.com, Industrial Internet of Things (IIoT) is the application of the IoT to the manufacturing industry is called the IIoT (or Industrial Internet or Industry 4.0). The IIoT will revolutionize manufacturing by enabling the acquisition and accessibility of far greater amounts of data, at far greater speeds, and far more efficiently than before.


Managing a production line as complex as Stanley Black & Decker’s manufacturing factory is no joke. This is why it would make sense for the company to utilize IoT for production. Cisco presents a case study that takes us deep into the heart of production and outlines the challenges and the benefits of the use of IoT technologies.  Stanley Black & Decker’s manufacturing plant opened in 2005 and operates around forty multiproduct production lines and thousands of employees, producing millions of power tools per annum. With the help of IoT, the factory has been run efficiently that promotes flexibility, showing us the benefits of IoT when done right.


This is just one of the many, many positive reviews we will find on IoT technology when it is done right. From these case studies, we are able to see just how beneficial IoT can be for businesses if the technology is cared for properly.


Both Tesla and Stanley Black & Decker have achieved success in the utilization of IoT because they spent the time in advance to look into vulnerable security threats and instead of ignoring them, they chose to address them. This care and management have led them to improve systems security which has only served to improve their products.


Conclusion

In this article, we have looked at both sides of IoT related case studies – two where things went downhill because of negligence or simple ignorance, and two where the right efforts paid off massively in the form of success. IoT technology is massively underestimated by people. Many people don’t understand it which is why it is easy for people to overestimate the security of such devices which leads to frightening real-world consequences.


However, the way things are going, it does not seem that IoT will forever be held back by security threats. After all, Android has joined the fight against security issues in IoT devices by launching Android Things to help create more secure IoT devices. Similarly, computer experts have called for more consideration into the security of IoT devices to prevent any malicious activities. Therefore, it is safe to say, that while there have been security problems with IoT devices, organizations and experts are doing what they can to overcome it so we can embrace this new chapter in tech history without concerns of being hacked.

Dispelling Misconceptions – What we Think we Know About IoT and Security

The internet of things – IoT for short – is taking over the world, specifically businesses. This technology is the latest in the series of technological evolutions that have taken place since the computer (and the internet) was first created. Therefore, it is not surprising that there are misconceptions not only surrounding IoT itself but also the security of the devices that come under its umbrella. But before we move on to address these misconceptions, we have to understand what the term actually means.


What Exactly is the “Internet of Things”?

The question of exactly “what” this technology is, is something that a lot of people don’t ask simply because they don’t want to know. In our day and age, we just want to consume more and more advanced and sophisticated technology without actually understanding it. And therein lies the problem.


When people don’t understand something, they tend to put the blame on it when something goes wrong. In an HBR article, writer Andrew Tannenbaum speaks of an Internet of Things hostage situation that is not difficult to imagine due to the security problems surrounding IoT devices. In the same article, he speaks of the reasons behind these problems. We shall explore them later in this article.


As for now, in order to understand Internet of Things, we must understand what it is.


Internet of Things is the interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data. This definition is an oversimplification of something that is revolutionizing the world we live in.      Oxford Living Dictionaries


IoT’s development is changing the way data is received, perceived and utilized. If anything, it is just a stepping stone which may ultimately be used by AI technology. But that may be years down the lane. The fact is, IoT is creating a network among devices that we use all the time – it can be through our phones, refrigerators, television screens – everything that we come in contact with every single day to learn more about us as a consumer so that it can adapt and integrate technology even further into our lives.


Basically, what IoT devices are doing is that they are making everything easier for us by using sensors, actuators, and software to connect everything in our lives from our front door to our smartphones to one central unit.


And this may sound scary because of the many, many “AI gone rogue” Hollywood blockbuster movies that have come out over the years, and because of growing hacking problems, security is a concern for anyone who uses the Internet of Things in any aspect of their life. Our job though is to help anyone with any misconceptions surrounding the usage of IoT.


IoT Devices are Secure

This may sound obvious, but it is the biggest misconception surrounding IoT devices and the reason behind it is pretty legitimate. After all, why would you care about IoT security? It couldn’t have been released into the market just like that.


However, it is important for individuals to understand one thing: the manufacturers of IoT devices aren’t selling their products with security in mind. It is you – the buyer – who must be wary of security concerns because, at the end of the day, you are the one who will be affected by any security breaches.


In fact, various individuals and companies have begun questioning the security of IoT devices because of a few cases where hackers have hacked into the network and used that as a bargaining chip. This is alarming. Luckily, big businesses and even government agencies like the FBI have taken notice of the lack of security in some IoT devices and there has been a lot of talk and implementation of more secure fronts for these devices.


In order to put this misconception to bed, it is important that you understand that IoT is a very new development in the field and therefore, a lot of manufacturers are rushing to take advantage of it but that doesn’t mean that its security is being neglected.


As for now, it is very important that you as an individual take care of your IoT devices yourself. It is not that complicated either. A lot of people think that IoT is just part of the IT department of the firm. It doesn’t have to be that way. You don’t have to spend thousands of dollars to ensure that your system is secure – all you need to do is be careful.



Only Those Authorized can Access IoT Devices and the Network

This misconception follows the first one and is part of network security. A lot of individuals believe that because they are spending a lot of money on the Internet of Things, their investment should be safe from unauthorized access. This isn’t true.


You do not need an IT expert to connect a device to your system. Anyone can do it. Therefore, it is important that you do not expose your network to everyone. It should not be easy for your employees, clients…anyone really to connect to your network.


Because the security of any other device plugged into your system is not checked – it could be the tool used to hack your system, and it’s really not that hard to hack into a computer or a smartphone that does not have the right security settings.  This is why we strongly recommend that every IoT device connected to your network is thoroughly checked to eliminate the chances of these devices being used to breach your network security.


All IoT Devices are Interconnected

This is yet another misconception that arises when people don’t understand a certain bit of technology. It is, therefore, very important that you understand this as it makes the case for why – in spite of the risk – you should be thinking about using IoT. It is also a good security protocol and can prevent security risks.


While all IoT devices are definitely connected to the main network, they are not connected to each other – unless the network operator wants that. They will also not work together i.e. you can choose to assign certain devices with certain tasks and protocols. By using this facility, you can ensure that the IoT devices handed out to your staff only shows data you want them to be able to access. This is also a very good way of preventing corporate espionage and also security breach.


The Internet of Things is a Waste for Small Business

Moving away from security breaches, we will now move on the usefulness of IoT for small businesses. Larger companies are at the risk of hacking and security issues because they have large corporate rivals who may be willing to pay quite a bit to know their trade secrets. This is why they have to spend more on network security than start-ups or small businesses. In fact, it has been shown that the security of small businesses has actually improved by using IoT. Not only that, but it actually helps to grow a business and make it more efficient by making the business “smarter”.


In today’s world, that is a brilliant way to stay with and ahead of the competition. IoT is helping small businesses to prosper so that makes a good case for the technology and is something small business owners should definitely look into. It may not seem so, but IoT is not very expensive for installation and you can take advantage of the organization and stability it brings to the table.


IoT devices are not secure

This statement contradicts the very first misconception introduced in this article and the reason behind it is that while a lot of people don’t even think about IoT security, many others believe that they are not secure enough to make the investment.


As mentioned earlier, there is research going on into IoT security and users themselves must also take the initiative to work on security themselves, the point is that IoT devices can be made safe.


As you can see, the security of IoT devices, in the end, lies primarily with the user. Companies can provide the user with a lot of security but it is up to you to use IoT in such a way that it does not cost you. So even though it might seem very daunting, with the right security check in place, IoT devices are quite safe and can be used to make your business better.


Conclusion

It is safe to say that IoT and security go hand in hand with proper work ethics. If you focus on the right things in your business and are generally concerned about its welfare, you will take the necessary steps required to ensure that not only does your business prosper under the Internet of Things, but that it will also remain safe.