Black Friday is upon us, and smart doorbells may well be off the wish list following this week’s news of their IoT vulnerabilities.
But all other IoT devices will fly off shelves today. As the IoT booms to billions of devices in millions of homes, the smart assistants, speaker systems, and even kids’ toys consumers happily buy today could come back to bite them.
If poorly secured, any connected device purchased today can become the perfect doorway for cybercriminals to access systems and steal lucrative data to sell on the dark web or use for their own gain.
Anything with an Internet address can and will be attacked. We’ve certainly witnessed this happening on a large scale with the proliferation of Internet of things (IoT) devices in recent years, and we’re likely to see the magnitude and complexity of these attacks escalate in the years ahead, as the IoT grows to 67 billion new connected devices by 2025.
The IoT is a misunderstood risk. Securing everything means just that: every ‘thing’ must have secure endpoint protection, or else it can be used as a doorway to entire networks, threatening safety, privacy and data. One concerning case last year saw cyber attackers take over a family’s smart home devices to blast music at loud volumes, talk to the couple through a camera in their kitchen, and crank their thermostat to 90 degrees.
The onus should first fall upon IoT manufacturers to secure their devices. But this doesn’t mean the consumer and the enterprise shouldn’t exercise their own cyber hygiene: awareness of what is at risk, usage of secure passwords and multi-factor authentication, and finally an attitude of zero-trust.
Before deploying any powerful technology or artificial intelligence, we must learn to anticipate the threat, recognise the value of IoT systems to cyber attackers, and prepare to respond to any sign of unauthorised hackers. Cyber criminals are waiting for organisations and the public to drop their guard. We must not let them seize the opportunity.