How Truly Secured Is Internet Of Things
The Internet of Things (IoT) is all around us and quickly expanding. We are just beginning to reap the benefits of the IoT. New ways to use connected things are being developed daily. The IoT helps individuals connect things to improve their quality of life. For example, many people are now using connected wearable devices to track their fitness activities. How many devices do you currently own that connect to your home network or the internet? In this article, I will talk about secured Internet of Thing is.
How secure are these devices? For example, who wrote the firmware? Did the programmer pay attention to security flaws? Is your connected home thermostat vulnerable to attacks? What about your digital video recorder (DVR)? If security vulnerabilities are found, can firmware in the device be patched to eliminate the vulnerability? Many devices on the internet are not updated with the latest firmware. Some older devices were not even developed to be updated with patches. These two situations create opportunity for threat actors and security risks for the owners of these devices.
In October 2016, a DDoS attack against the domain name provider Dyn took down many popular websites. The attack came from a large number of webcams, DVRs, routers, and other IoT devices that had been compromised by malicious software. These devices formed a “botnet” that was controlled by hackers. This botnet was used to create an enormous DDoS attack that disabled essential internet services. Dyn has posted a blog to explain the attack and their reaction to it. Search on “Dyn Analysis Summary of Friday, October 21 Attack” to learn more about this record-breaking attack.
The economic impact of cyberattacks is difficult to determine with precision. However, it is estimated that businesses will lose over $5 trillion annually by 2024 due to cyberattacks.
Personally identifiable information (PII) is any information that can be used to positively identify an individual. Examples of PII include:
- Social security number
- Credit card numbers
- Bank account numbers
- Government-issued ID
- Address information (street, email, phone numbers)
One of the more lucrative goals of cybercriminals is obtaining lists of PII that can then be sold on the dark web. The dark web can only be accessed with special software and is used by cybercriminals to shield their activities. Stolen PII can be used to create fake financial accounts, such as credit cards and short-term loans.
A subset of PII is protected health information (PHI). The medical community creates and maintains electronic medical records (EMRs) that contain PHI. In the U.S., the handling of PHI is regulated by the Health Insurance Portability and Accountability Act (HIPAA). In the European Union, the General Data Protection Regulation (GDPR) protects a broad range of personal information in including health records.
Personal security information (PSI) is another type of PII. This information includes usernames, passwords, and other security-related information that individuals use to access information or services on the network. According to a 2019 report by Verizon, the second most common way that threat actors breached a network was by using stolen PSI.
Most hacks on companies and organizations that have been reported in the news involved stolen PII or PHI. Recent examples are:
- In 2019, an online graphic design tool website experienced a data breach in which PII for approximately 137 million users was viewed by hackers with user details for 4 million accounts appearing on the internet.
- In 2020, a major Chinese social media company was hacked resulting in theft of PII, including phone numbers, stolen from 172 million users. The theft did not include passwords, so the data was available for a low price on the internet.
- In 2019, a company that makes games that are played on Facebook was hacked and the PII of 218 million users was stolen.
I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.
Download Our App.
CEHNigeria On Google Playstore
Download Our Blog App On Google Playstore.
GET SEOPOZ. OUTSMART YOUR BLOG COMPETITORS
Have a deeper understanding of Google Search Console. Join SEOPOZ for free.
Join Our Whatsapp Group Here
Join Our Whatsapp Group
Follow Us On Twitter and I will Follow Back
Follow Us On Twitter
Kindly follow me on Twitter and I promise I will follow back. Aside you will get updated when we post new articles.