Securing IoT in an Emerging Threat Landscape

Covid-19 has urged the world to go digital. The proliferation of IoT devices and the increasingly online nature of our everyday lives are vulnerable to cyber attacks coming from phishers, hackers, extortionists, and scammers. The years of the global pandemic were the year when cyber security became everyone's worry - a problem that was once mostly for IT directors but is now a top concern for C-suites and world leaders. Nevertheless, the increasingly organized and sophisticated hacking operations have also urged security technologies to advance and be ready to anticipate what lies ahead.

AI-powered cybersecurity

Artificial intelligence (AI) has entered the market for decades, but its benefits is continuously discovered and innovated. According to an IEEE Global Study, 51% of surveyed chief officers and IT directors have accelerated AI and Machine adoption in 2021. About 21% consider this one of the most critical technologies in the upcoming year [1].

Defensively, AI is used to detect unusual network behavior, track offensive strategies, spot malware strains, generate more secured passwords, identify scams, or automatically respond to attacks. The overall detection rate could be reduced up to 12% and response time to an attack, such as remediating a breach or implement patches, could also be lowered up to 15% [2]. However, on the offensive side, hackers also take advantage of its capabilities and exploit both Machine learning (ML) and AI to evade protective security measures, detecting system vulnerabilities at a faster speed. Automated phishing, stealing confidential data, or automated malware are among the nefarious activities that resulted from malicious intent.

"Internet of Vulnerable Things"

Up to September this year, there have been nearly 500 million attempted ransomware attacks [3], with the Colonial Pipeline being the highest-profile victim. American's largest petroleum pipeline was breached by a single leaked password and is reported to have to shut down its oil flow to the eastern part of the country for a week, consequently causing panic-buying, shortages, and price spikes in some of the states. After successful attacks aimed at critical infrastructure (water treatment systems, food, and agriculture plans, gas pipelines), experts predict the Internet of Things (IoT) devices will be the next target for ransomware gangs.

As the billions of connected devices continue to increase, so does the number of potential threats, as cybercriminals are always actively looking for possible access points to gain entry into secure digital systems. Machine-to-machine (M2M) communication systems are one of the most vulnerable parts of the IoT ecosystem. Hackers often start by stealing machine identities to gain access to networks, then proceed to personal computers or phones where valuable data is stored. The low-effort and high-reward attacks prompted IoT devices providers to start building the products with security in mind, in which focus is placed not just on the hardware but the AI and machine learning apps running on these devices. The demand for secure machine-to-machine interaction in IoT will be vital for the foreseeable future as it is projected that global spending on IoT security will rise to $6 billion in 2023 [3].

The best firewall is human firewall

Companies who are keen on being vigilant and current in their cybersecurity defenses have opted to partner up with third-party security services for a better and faster measure that goes at length to ensure their business continuity. AI combined with technologies like behavioral analytics, vulnerability scanning, network segmentation, and traffic analytics… will give the companies a comprehensive view of their network environments and users. However, being up-to-date technology tools is only part of the equation. The fundamentals of cybersecurity still lie in human awareness. The time that our technologies saved us allows analysts to focus on constructing the human firewall with extensive training and the time needed to gather and analyze data to form the most effective and last line of defense.

Sources:

[1] https://transmitter.ieee.org/impact-of-technology-2022/ 

[2] https://www.capgemini.com/wp-content/uploads/2019/07/AI-in-Cybersecurity_Report_20190711_V06.pdf 

[3] https://studyonline.ecu.edu.au/blog/securing-iot-unique-challenge-machine-machine-communication 

Comments

Add Comment

Subscribe to our newsletter