This article is available also in spanish here

IoT security solutions: How to prevent IoT attacks?

My list

Author | Jaime Ramos

The Internet of Things (IoT) or the digital interconnection of any device promises to change the history of technology in a major way. However, it is not all good news when we talk about developments such as these. As has always been the case with any information exchange method or system, there is a risk of it being intercepted.

It is what we now know as hacking, hijacking or piracy. Information network security attacks are becoming more frequent in the public sphere. Why do they happen?

IoT: What lies behind hacking?


The security breaches that occur today tend to be essentially for financial gain. They involve hijacking data and demanding money to recover the data. These normally involve vast revenue for the affected companies.

However, there are also cases in more domestic spheres, in which the intention is to obtain users' personal data.

The hacker reaches the data through a device, which also serves as a gateway to the network. This enables them to control other devices, just as a virus can affect various organs once it enters the bloodstream.

According to the cybersecurity firm SAM Seamless Network, in 47% of domestic network attacks security cameras are the target. Followed by smart hubs, with 15% of the attacks and storage devices connected to the network, with 12%.

Real cases of IoT attacks

Among the most prominent attacks, is the one caused by the Mirai malware capable of DDoS attacks, i.e., it hijacks devices by obtaining access credentials and modifying them.

This is what Mirai did in October 2016, focusing on routers and IP cameras, with the added ability of, once infiltrated, being able to detect, like a chain reaction, other vulnerable devices that went on to be controlled. The digital attack lasted 77 hours, involving 24,000 devices and affecting media channels such as Twitter, CNN or Reddit.

Creativity in the attacks is unlimited and, in recent years, cases have been identified that were as serious as they were famous, for example, altering the water quality in a water treatment plant demonstrations of how to manipulate traffic lights or how to control a baby heart monitor. The aim of the latter was not to obtain information about the baby's heart rate or alarm parents with false figures, but to attack other domestic devices thanks to the vulnerability of the former.

Tips on how to protect IoT connected domestic networks


The vulnerability of the devices covered by the Internet of Things depends to a large extent on the margin of protection granted by the supplier or manufacturer. Therefore, the first recommendation is to obtain information, before purchasing a product, about the product's real security against external attacks.

In the domestic arena, basic tips such as naming a router, establishing a local guest network for friends or family visits, changing default usernames and passwords, updating device software or disconnecting the characteristics of these that are not going to be used, can be highly effective.

In terms of industrial systems, such as those required to ensure that modern cities can operate with infrastructures based on data, the issue is more complicated. Not only technical protection measures are required, but also political measures, such as avoiding the use of external devices in secure areas and training employees to prevent the use of insecure storage devices such as a USB drive collected at the doors of an office (a method used to initiate an infection in a place that an attacker cannot get to by other means).

Before all of this, however, we need to understand why the security of the systems on which the Internet of Things is based is so important for the future of cities and why it needs to be guaranteed. There is still time to build solid defense mechanisms to prevent even more problems, the consequences of which may be hard to predict given the potential of IoT to influence our lives.

Images | iStock/Pheelings Media), iStock/Igor Kutyaev, iStock/gorodenkoff

Related content

Recommended profiles for you

Remember to activate your profile to network!
Activate profile
Richelle Schuster
Leeds City Council
Head of Programmes
Fernando Vázquez del Toro
Fernando Vázquez del Toro
Denise Huggett
Hugslock Systems LTD
Director of company
Adrian Wong
Adrian Wong
Business Development
Abizar Ghiffary Abi
Human Resource Development
Jay Ouwehand
Alcatel Lucent Enterprise
I am the UK & I Government Lead for Acatel Lucent Enterprise
Fiorella Coello
Fiorella Coello
Tech Consulting
Business Strategy & High Tech Advisor
Hiromi Motohashi
Godfred Amankwaa
University of Manchester
PhD Researcher
Carlos Zúñiga A.
Telecom Consulting Services
Senior Consultant
Frederick Jensen Jensen
Konica Minolta Nextagenda
Kurmagazy Tileu
Junior Researcher
Esteve  Almirall
Esteve Almirall
Associate Prof. - Dtr. Center for Innovation in Cities
Manuel López
Manuel López
abril fresh communication & media SL
Enric Lopez C. López C.
Enric Lopez C. López C.
Lectures & Researcher. Entrepreneurship Director.
Juan Andres Niño Peñalosa
Juan Andres Niño Peñalosa
Universidad Pontificia Bolivariana
Abdus inanc
Kiren Yazilim
Benjamim Tillard
Benjamim Tillard
Gobierno de Córdoba
Jefe de area
Eloy Ortega
Maria Laura Roche
Maria Laura Roche
Kotra Korean Trade Investment Agency of Republic of Korea - Chapter Ecuador
Project Manager

Only accessible for registered users
This content is available only for registered users
TO: $$toName$$
SUBJECT: Message from $$fromName$$