IoT – aka ‘The Internet of Things’ – is a network of physical objects and smart devices which are embedded with sensors, software and connectivity. These devices collect and exchange data over the internet, which in turn means that IoT cyber security is vitally important. They must be protected from cyber threats such as hacking, data breaches and malware attacks, as they can carry large amounts of data including sensitive information. Today we take a closer look at smart devices to see just how secure they are.
IoT and smart devices
In simple terms, IoT is the network within which smart devices sit. The devices themselves range from simple household appliances to more complex systems, such as autonomous vehicles. Smart devices are designed to make our lives easier – Alexa, anyone? – but whilst this can certainly be true, they are not without issues. Perhaps the largest of these relates to cyber security, as we shall soon discover. Firstly though, let us list out some of the smart devices currently available:
- Smart phones
- Thermostats
- Speakers
- Smart cars
- Doorbells
- Lights
- Locks
- Refrigerators
- Watches
- Smart bands & keychains
- Glasses
And so on, but how many from the list above do you own or use? In November 2022, Statista published figures on IoT connected devices in use and then also included some forecasts. In 2021, there were 11.28 billion connected devices, with 15.14 billion predicted for 2023. By 2030, we could be looking at almost 30 billion devices… which seems unfathomable to this writer. But then in saying that, this writer only has a smart phone and speakers from the list above!
Here are some other questions for you; how many smart devices do you own or use which are not listed above? And does the subject of security ever enter your mind when you think of them?
How cyber secure are smart devices?
An interesting question and the answer of course varies depending upon factors including what the device actually is and how it is used. Some devices will also have more robust security features than others, and some may have specific vulnerabilities which can be exploited by cyber criminals. A key challenge with all of them is the fact that they are frequently connected to the internet. This makes them a target for hackers who can use different techniques to gain access to them.
To mitigate these and other risks, manufacturers are designing their devices with new and improved security features such as encryption and secure authentication. They are also providing regular software updates to combat known vulnerabilities. Users can also increase the security of their devices by implementing strong passwords and regularly updating software. A good step towards understanding how secure your devices are is to ask yourself:
- What is my device?
- How am I using it?
- Am I doing everything I can to protect it and my data?
If we apply this question set to smart phones, we may end up with the following answers:
- My device is a Samsung Android phone
- I use it for calls, messages, emails and to play games
- I regularly install updates as soon as I am alerted to them
In this case, the user in question is doing well, as smart phones are designed to protect against malware. However, they do not offer much protection against threats such as phishing cyber-attacks. So, whilst the phone is secure, the user could potentially be hacked as a result of using it. In this instance, we would urge you all to read about social engineering, a topic we will cover in a future blog.
In Conclusion
IoT cyber security is vital, as whilst smart devices can offer many benefits, they also carry potential security risks. You and your organisation must take appropriate measures to protect yourself and data. As an official certification body, CRIBB can advise companies on things including IoT Secure Compliance.