Skip Links

The Internet of Things: Top five threats to IoT devices

By David Geer, CSO
January 09, 2014 12:23 PM ET

CSO - The Internet of Things (IoT) is a mass of billions of connected devices from cars to wireless wearable products. Cisco's Internet Business Solutions Group estimated 12.5 billion connected devices in existence globally as of 2010 with that number doubling to 25 billion by 2015.

In light of this burgeoning market, CSO identifies five categories of IoT devices at risk in the coming year. CSOs who are aware of the threats and potential damage to their organizations can prepare accordingly.

In-Car WiFi

Once tallied, 2013 connected car revenues should reach $21.7 billion, according to analysts from Visiongain, LTD, with 2014 revenues climbing even further. As of the New Year, Ford and GM will increasingly offer in-car WiFi, turning cars into mobile hotspots and connecting passengers' smartphones, tablets and other devices to the Internet, according to John Pescatore, Director of Emerging Trends, the SANS Institute.

+ Also on Network World: What to expect from the Internet of Things in 2014 +

But, in-car WiFi has the same security vulnerabilities as traditional WiFi hotspots. Without the firewalls present in conjunction with small business WiFi installations, in-car devices and data will be at risk. Once inside the network, an attacker can spoof (pose as) the car, connect to outside data sources such as OnStar servers and collect the owner's PII such as credit card data, explains Pescatore. That is just one example. Only the imagination can limit the kinds of attacks that become possible when a hacker owns in-car Wi-Fi, passengers' devices and the car's identity (via spoofing).

"CISOs and CSOs at organizations with people who travel the country should be worried about these vulnerabilities since hackers can use these attacks to access company information," says Jerry Irvine, CIO, Prescient Solutions.

mHealth Applications / Mobile Medical Devices

"The market for wearable wireless devices across sports, fitness and mHealth will grow from 42 million devices in 2013 to 171 million in 2018," says Jonathan Collins, Lead Analyst, ABI Research. As of 2014, hackers will increasingly attack mobile medical devices running Windows, including pacemakers, according to Rodney Joffe, Senior Technologist, Nuestar. Traditional manufacturers use proprietary embedded systems that are hard to hack due to their closed source code and restrictions. But, non-traditional device manufacturers often use a form of Windows.

"Windows is very popular for those devices because it is cheap, ubiquitous and well-known among programmers," explains Joffe. But, unlike Windows on a desktop computer, there is no patching mechanism for Windows on these devices, according to Joffe. The more these devices connect to the Internet through wireless frequencies such as WiFi, the more viruses will spread among them.

CSOs should be concerned about remote access for these devices due to the potential for malicious attacks on employees, health information leaks, and attacks on key executives in order to influence or control the financial stability of the organization, according to Irvine.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News