This article is available also in spanish here

IoT security solutions: How to prevent IoT attacks?

My list

Author | Jaime Ramos

The Internet of Things (IoT) or the digital interconnection of any device promises to change the history of technology in a major way. However, it is not all good news when we talk about developments such as these. As has always been the case with any information exchange method or system, there is a risk of it being intercepted.

It is what we now know as hacking, hijacking or piracy. Information network security attacks are becoming more frequent in the public sphere. Why do they happen?

IoT: What lies behind hacking?

iot-attacks-14

The security breaches that occur today tend to be essentially for financial gain. They involve hijacking data and demanding money to recover the data. These normally involve vast revenue for the affected companies.

However, there are also cases in more domestic spheres, in which the intention is to obtain users' personal data.

The hacker reaches the data through a device, which also serves as a gateway to the network. This enables them to control other devices, just as a virus can affect various organs once it enters the bloodstream.

According to the cybersecurity firm SAM Seamless Network, in 47% of domestic network attacks security cameras are the target. Followed by smart hubs, with 15% of the attacks and storage devices connected to the network, with 12%.

Real cases of IoT attacks

Among the most prominent attacks, is the one caused by the Mirai malware capable of DDoS attacks, i.e., it hijacks devices by obtaining access credentials and modifying them.

This is what Mirai did in October 2016, focusing on routers and IP cameras, with the added ability of, once infiltrated, being able to detect, like a chain reaction, other vulnerable devices that went on to be controlled. The digital attack lasted 77 hours, involving 24,000 devices and affecting media channels such as Twitter, CNN or Reddit.

Creativity in the attacks is unlimited and, in recent years, cases have been identified that were as serious as they were famous, for example, altering the water quality in a water treatment plant demonstrations of how to manipulate traffic lights or how to control a baby heart monitor. The aim of the latter was not to obtain information about the baby's heart rate or alarm parents with false figures, but to attack other domestic devices thanks to the vulnerability of the former.

Tips on how to protect IoT connected domestic networks

iot-attacks-15

The vulnerability of the devices covered by the Internet of Things depends to a large extent on the margin of protection granted by the supplier or manufacturer. Therefore, the first recommendation is to obtain information, before purchasing a product, about the product's real security against external attacks.

In the domestic arena, basic tips such as naming a router, establishing a local guest network for friends or family visits, changing default usernames and passwords, updating device software or disconnecting the characteristics of these that are not going to be used, can be highly effective.

In terms of industrial systems, such as those required to ensure that modern cities can operate with infrastructures based on data, the issue is more complicated. Not only technical protection measures are required, but also political measures, such as avoiding the use of external devices in secure areas and training employees to prevent the use of insecure storage devices such as a USB drive collected at the doors of an office (a method used to initiate an infection in a place that an attacker cannot get to by other means).

Before all of this, however, we need to understand why the security of the systems on which the Internet of Things is based is so important for the future of cities and why it needs to be guaranteed. There is still time to build solid defense mechanisms to prevent even more problems, the consequences of which may be hard to predict given the potential of IoT to influence our lives.

Images | iStock/Pheelings Media), iStock/Igor Kutyaev, iStock/gorodenkoff

Related content

Recommended profiles for you

Remember to activate your profile to network!
Activate profile
Peter Bakonyi
Peter Bakonyi
Budapest University of Technology and Economy
senior advisor, lecturer
JC
Jaume Castejon
HP Inc
Lead
Asri Hasanah Wibowo Wibowo
Asri Hasanah Wibowo Wibowo
Politeknik Negeri Pontianak
Student
VP
Vânia Paisano
ICI - Instituto das Cidades Inteligentes
Gestora Comercial | Instituto das Cidades Inteligentes
hg
himanshu gupta
alepaa
i am the founder of my company and currently i am working as all positions in my company
JD
Julien Delmouly
InfraNum
Deputy General Delegate
David Miralles
David Miralles
PurpleDye
COO
AM
Aravind M
Global Association of Indian Medical Students
State President of Tamilnadu, Global Association of Indian Medical Students
Ernest Hughes
Ernest Hughes
HughesGlobal LLC
NC
Nayid Carvajal
Claro
Leader of product in Smart Cities
DB
Dejan Bogosavljevic
TERI Engineering
Chief Technology Officer
FA
Farooq Azam
Sustainable Tech
Consultant driving GTM strategy, solutions selling, Digital Transformation for Telcos, Cities, B2B
AM
ANTONIO MAGALHAES
NKA - New Knowledge Advice
Cofounder
Irene Martínez Jaspe
Irene Martínez Jaspe
Universitat Oberta de Catalunya
Sustainable Tourism and ICTs Masters student
Gerard Nijboer
Gerard Nijboer
Municipality Rotterdam
Innovation Officer
MO
Marek Okularczyk
Polish Academy of Sciences
Interdisciplinary advisor/consultant. Smart Cities promoter. Phd candidate.
AR
Alan Rascón
DX INTERNATIONAL
Director
II
Irena Itova Itova
UniverCities
Product development
Gabriela  Giannattasio
Gabriela Giannattasio
Veritran
Director of Business Development Europe
Natanael Damasceno
Natanael Damasceno
Porto de Ideias Comunicação
CEO

SmartCity
Thank you for registering to Tomorrow.City. You can now start exploring from your computer, or with your phone or tablet downloading our app!
Only accessible for registered users
This content is available only for registered users
TO: $$toName$$
SUBJECT: Message from $$fromName$$