blog hero2x
Data Security & Privacy

4 Internet of Things Cyber Security Risks You Need to Watch Out For


Feb 02, 2017

security risks internet of things

Internet of Things (IoT) devices are in almost everyone’s possession. Whether it's a phone, watch, TV or even cars, each of these devices comes with some sort of "smart" component. And this trend isn’t showing any signs of slowing down. In fact, the amount of devices is growing at an enormous rate, projected to hit 200 billion by 2020. This translates to about 26 smart objects per human!

While these devices have made many day-to-day tasks easier, they don't come without security risks. In fact, 90 percent of business leaders feel their connected devices are not secure. In this post, we will discuss several risks of IoT devices in the workplace and review what you can do to stay secure.

What is an IoT Device?

An IoT device is “the concept of connecting any device with an on and off switch to the Internet (and/or to each other).” While internet access was originally restricted to computers, it has started to find its way on to other devices.

We saw this trend start with the rise of smart phones. And now it seems that even the most mundane devices, like refrigerators, are coming with internet connectivity. So why are so many company's choosing to "smart-ify" their devices? Well, for one it makes it easier to push out software upgrades. Also, it allows connectivity with other devices (such as an Amazon Alexa) creating a pseudo-smarthome.

What are the Risks of a Highly Connected Workforce?

1. Employees May Not Realize the Associated Risks

The first risk is the fact that many IoT device users may not realize the security risks. Due to its connectivity, a lost IoT device holds much more severe consequences. For example, if an employee has their email on their phone, a lost phone could provide someone with highly classified information. Also, since there are so many devices, there are different security protocols for each one. And each device added means more points of access to secure.

2. Security Flaws


Many experts are predicting that the first big IoT device data breach is right around the corner. In fact, James Lyne, global head of security research at Sophos, says that these devices are coming with security flaws which were out of date 10 years ago. Hackers currently have little interest in these devices. But, if the trend continues, and a new smart device is widely adopted, it is plausible to think of a data breach occurring.

3. Ransomware

The term ransomware comes refers to when a hacker locks a user out of a device for a "ransom." And with smart devices, getting locked out of a device can have serious consequences—especially in the workplace. For example, a hacker could hold a device used in production for ransom. This could impact distribution or even create products with defects. Also, with the rise of self-driving cars, hackers may be able to take control of the vehicle remotely.

4. Being Used as “Botnets”

A botnet is a network of private computers set up to forward transmissions to other computers on the internet. These networks a can carry out DDoS attacks which can take a website or service down. Late 2016 saw one of these attacks make national news. A piece of malware, called Mirai, sent a bunch of traffic to the DNS that hosts many large services. This includes Twitter, Spotify and Amazon to name a few. If this trend continues, we can expect many more botnet attacks in the future.

Conclusion

While the growth of IoT devices will never stop, it is important to have security measures for them in place. Make your employees aware of the potential risks and train them where needed. Always be sure to stay on top of the latest news regarding IoT devices, and make sure to have policies set in place for using these devices in the workplace. If you have any tips for setting a IoT device policy, let us know in the comments below.

Workplace Answers &
Click 4 Compliance Join Forces

We’ve created the world’s most comprehensive and engaging online compliance training library for companies around the globe.

Learn more View courses

We're sorry this resource is no longer available, we've redirected you to our Resource center.