Internet of Things (IoT) devices are becoming more commonplace in enterprises. Smart thermostats, security cameras, lighting systems, and battery backups are just a few of the internet-enabled appliances that help business owners collect data and run their organizations more smoothly. In 2017, IoT will undoubtedly expand as businesses integrate more of these technologies into their systems.
But before you get caught up in the exciting developments of IoT, don’t forget to consider the security of things, too. Today, in the second part of our 2017 cybersecurity forecast, we discuss the growing threat of targeted IoT attacks.
Botnets in 2016
Last October, several internet services including Netflix and PayPal went down following successful distributed denial-of-service (DDoS) attacks on DNS provider Dyn.
The DDoS attack used the Mirai malware, a botnet designed to compromise the security of , and gain remote access to, millions of vulnerable IoT devices across the globe. Unsecured cameras and printers became easy targets for the Mirai botnet, allowing it to flood Dyn’s systems with millions of DNS lookup requests.
Although Dyn eventually resolved the problem, the successful DDoS attack via IoT botnets showed aspiring cyber criminals a new and potent attack surface.
IoT predictions for 2017
We predict hackers will use similar tactics and Mirai-like botnets to infect unsecured internet-connected devices and target specific sites. Theoretically, increased HTTP traffic caused by botnets could shut down several eCommerce, business, news, and political websites.
Manufacturing and industrial environments are also likely victims of IoT-based attacks. Automated supply-chain systems and smart machines that are controlled by a network could be used to deliver malware like Stuxnet or BlackEnergy.
Unfortunately, DDoS attacks, malware distribution, and network exploitations will occur more frequently as more unsecured IoT devices are used in businesses.
How can businesses defend themselves
These security technologies can be proactively secured using technologies and procedures that have proven to be reliable. For example, a small business must be able to detect and block malicious network packets using network firewalls and intrusion prevention systems.
On top of that, they must develop the habit of conducting penetration tests and vulnerability assessments to identify and secure possible points of failure in newly installed IoT devices. Given the complex programming of IoT, we recommend consulting with an IT services expert in Atlanta.
If you want to get ahead of cyber threats this year, tune in every week for our cybersecurity forecasts. Next week, we will discuss how phishing and social engineering scams will develop over the course of the year. But if you’re seeking network security solutions, we have that too! Contact us at www.intelligis.com to learn more.
