IoT: a whole new era of cyber security

IoT: a whole new era of cyber securityInternet of Things (IoT): the network in which physical objects or “things” are provided with electronics, software, sensors and connectivity that enable the ability to transfer data through its embedded computing system.

A few years ago, a cyber attack via the IoT was something that only Jack Bauer in 24 could have dreamed up, but we’re starting to notice increasing numbers of cyber attacks affecting more than computers.

An HP report last year revealed that there were serious vulnerabilities affecting 70% of the most popular IoT devices, including TVs, power outlets, webcams, smart hubs, home thermostats, sprinkler controls, scales, garage door openers and door locks.

Below, I’ve picked out some of the most shocking cyber attacks to affect the IoT:

French TV network TV5Monde taken off air – April 2015

French television network TV5Monde – which broadcasts to more than 200 countries – suffered an “unprecedented” cyber attack two weeks ago, which took its 11 channels off air.

The company saw its website, social media channels, and broadcast services affected by a cyber attack which left it able to broadcast pre-recorded programmes only.

As television production has become increasingly dependent on Internet-based technology, the risk of cyber attacks on broadcasters has grown.

Cyber attack causes “massive damage” to German iron plant – 2014

According to a German federal agency report, Die Lage der IT-Sicherheit in Deutschland 2014 (Situation Report on IT Security in Germany 2014), cyber criminals were able to access a German iron plant’s office network and prevent a furnace from being able to shut down properly, causing “massive damage” to the plant.

It is rare for a cyber attack to cause actual physical damage, which made the story quite startling.

Cyber attack launched through fridge – January 2014

Software-as-a-Service (SaaS) provider Proofpoint claimed last year that botnets were used to send more than 750,000 malicious phishing and spam emails from domestic appliances such as televisions and at least one fridge.

Many of these devices were poorly protected (why would you think to password-protect your fridge?), which led to hackers being able to easily reconfigure the passwords and use them in their malicious campaign.

Large number of cars on market susceptible to hacking and data theft – February 2015

US Senator Ed Markey (MA) released a report claiming that nearly 100% of cars on the market feature wireless technologies that could be vulnerable to hacking or privacy intrusions.

The majority of car manufacturers offer technologies that collect and wirelessly transmit driving history data to data centres, including third-party data centres, and most do not prescribe effective means to secure the data.

A whole new era

Although the IoT holds great promise for controlling gadgets, media and infrastructure, it also allows cyber criminals the potential to launch large and damaging attacks.

These events mark a whole new era of cyber security which organisations must consider.

While there are relatively few things that consumers can do to protect their own devices, firms that own and manufacture these devices can certainly better manage how they store sensitive data, who has access to it, and what their security measures are.

Implementing an information security management system (ISMS) compliant with the information security standard, ISO/IEC 27001, will provide your organisation with a holistic approach to information security that allows you to manage the confidentiality, integrity, and availability of your information assets.

If you’re looking to secure all of your assets while proving your commitment to cyber security, then our fixed-price ISO 27001 packaged solutions are for you. Designed to suit any organisation’s budget, business needs and project time frame, our five packaged solutions offer varying degrees of help and support.

ISO 27001 Packaged Solutions

Leave a Reply

Your email address will not be published. Required fields are marked *