Today, there are an estimated 23.14 billion connected devices online. By 2025, that number is expected to expand to 75.44 billon. According to PwC, $6T will be spent on IoT solutions between 2015 and 2020.
Every industry enjoys the operational advantages of the Internet of Things (IoT), but the security danger is not even close to being fully appreciated. Anything can be monitored via the IoT, and each connection is a potential security threat. Cyberattacks on industrial control systems (ICS) increased 110 percent in 2016, and the number of attacks is predicted to grow as more systems connect to the IoT.
In a world where cybersecurity is clearly a priority, the IoT risk:security ratio is astonishingly high.
To work in an efficient and inexpensive manner, IoT sensors are by nature low end, and most lack the computing power to support encryption. Manufacturers simply haven’t considered this a priority which leaves a gaping hole in operational security.
Cybercriminals always seek easy entry, and the IoT path of least resistance may lead to the sabotage of devices and operational technology (OT) systems that control critical equipment and infrastructure. The results could be disastrous from major systems failures to entire power grids being brought down.
Widespread IoT Risk
Greg Ratner, Sales Engineer at Silent Circle, says “Any enterprise that uses IoT devices probably has them linked to their internal network. This creates one of the weakest – and most overlooked – areas of security for any organization. Breaking into a company through somebody’s laptop is very difficult since security is already embedded or layered in. However, sensors and cameras at the fringes have no encryption at all. It’s like having a huge padlock on the front door while leaving the back door wide open. Hackers know this and increasingly focus their attacks there.”
In the oil and gas industry, online sensors monitor pressure along entire pipelines. Serious danger exists not only in terms of data exposure, but to human physical safety as well. Any IP connected device can be breached including sensors, cameras, microphones, baby monitors, automation projects, automobiles, and the list goes on.
Wearable & Healthcare IoT Device Risk
Wearable devices, such as FitBit bands or Apple watches, are not necessarily a security risk until they are connected to a network, for instance to a corporate phone via Bluetooth. However, wearables that monitor personnel movement or patients within a hospital are a growing security concern. Given the expansion of wireless monitors and devices dedicated to patient care, the security risk in this sector has grown larger than ever.
Morbile Firewalls – A Solution For Today
Clearly, IoT threats are the largest vulnerability to enterprises since there’s no security embedded in these devices. One solution is a mobile firewall which protects data transmission whether for enterprise collection or personal data. Mobile firewalls help secure data originating from the IoT device which is then sent to a collection point.
Ratner says, “Tools like our GoSilent mobile firewall encapsulate information and traffic within a secure IPsec tunnel and secure the data transmission. It acts as a stateful firewall which means only traffic that has been sent out is allowed back in. Any attack on the device is denied by GoSilent. The end result is that the collective corporate firewall gets sent out to devices on the edge.”
If your enterprise relies on IoT devices for an operational advantage, learn how our GoSilent mobile firewall can help mitigate any associated security risks.