The Internet-of-Things (IoT) has touched almost every industry and sector, and is now commonplace not just among the tech elite but even average consumers. In fact, the IoT market hit a staggering $20.35 billion valuation in 2017 and is only set to grow past $75.44 billion by 2025.
As with any major technological change that’s embraced so rapidly by the masses, cracks in the façade will inevitably emerge as best practices catch up with the rate of adoption. IoT devices are especially prone to this chain of events, as industries and individuals are often bringing IoT technologies into their lives before assuring their security.
Take the distributed denial of service (DDoS) attacks that leveraged common household and office IoT devices over the course of 2016 and 2017. One such incident, the Mirai attack, was a DDoS operation that used an army of botnet-infected IoT devices to flood Twitter, GitHub, the PlayStation network, and hundreds of other sites with “loud” traffic that eventually overwhelmed their servers and caused them to shut down. First detected in October 2016, active strains of the Mirai virus were still being reported as recently as December 2017.
While the Mirai attack continues to cause a lot of financial hurt for the affected parties, it was widely considered a muscle-flexing exercise for the hacker Paras Jha, who recently pleaded guilty to hacking charges, alongside two other Rutgers University students. As hackers like Jha made glaring the flaws in connected devices over the past two years, malicious actors looking for financial gain will inevitably attempt to leverage those vulnerabilities to make waves in 2018, taking advantage of readily available ransomware and PII for big paydays.
In fact, research group Forrester made this prediction one of its top forecasts for the next year. Instead of being motivated solely by political, social, or military reasons, cybercriminals will likely be driven by financial gain moving forward, as the black market for malware and the Dark Web continue to mature, Forrester noted.
Going into the New Year, organizations need to immediately ensure the security of their existing IoT infrastructure by assessing their hardware for security gaps, including weak encryption implementation or inadequate patching functions. Organizations also need to be sure they are doing all they can to make sure bad actors can’t enter the network to begin with by employing deep defenses around their network perimeter that employ the latest functions and features. Users and devices that frequent the network also need to be sure they aren’t exposing their machines to malware when they’re off the private network, bringing infections with them when they return.
To learn more about the steps you can take to fortify your network and the IoT devices leveraging it for connectivity, read our whitepaper, “’Defense-in-Depth’ and the Distributed Gateway Platform.”
Chris Park brings over 13 years of technology experience in corporate network security to his position as CIO, where he is responsible for creating and driving the company’s IT strategy. As the resident expert in all aspects of iboss solutions and infrastructure, he is responsible for iboss’ entire IT operation, including network and system engineering, front-end development, data center operations, and customer service and support. Under Chris’ strategy and guidance, iboss has achieved an industry-leading customer retention rate of 98.5%. Prior to his CIO position, Chris served in a variety of product management and network architect roles, working with public and private companies to troubleshoot and support their network security infrastructures. As a proven IT leader, Chris is dedicated to helping drive the company’s IT operations with a focus on building and supporting global IT strategies that ensure future growth.