In the realm of technology comes the digital devices in the fourth industrial revolution. All electronic devices that have access to the internet and that take instructions as input and process instructions to generate an out are what we refer to as digital gadgets, in addition, smart devices in the fourth industrial revolution are all referred to as digital devices. The devices can communicate with other devices on a network. As of today, connected devices are creating great experiences for users in so many ways, but they also act as a great field for threat actors (hackers). The Internet of Things (IoT) is one word to mean every device that can communicate digitally on the network. The IoT and cyber-criminal activity share two characteristics; they are largely invisible to the naked eye, and they are around us all times.
What is the concern?
We are always amused and fascinated by the great touch and feel of technology in the fourth industrial revolution, where you find that many software developing and technology organizations use a mix of sensors and sophisticated software applications which they put together to create sceneries of smart life like smart homes, smart office environments, smart cities, smart gadgets among others since we are fascinated, we call this magic. And why not call it that if home lights come on when you come back home and enter your house. A piece of machinery proactively asking to be upgraded or self-upgrade to prevent system break down. A refrigerator ordering for used up goods from amazon to avoid being empty and using your credit card details. A smartphone reloading credit from your mobile money account. With all these ways, we see that IoT makes technology more ubiquitous.
However, as technology advances, the cyber-criminals also advance. Hackers compromise system databases, hack weakly protected websites, get credentials like passwords, social security numbers, email accounts among others and rarely involve a face-to-face encounter. When technology becomes essential, security issues related to the technology tend to mount.
Back in time, hacking activities were limited to emails but went on evolving to text messages and started with hacker looking for access into the desktop computer but all that has of late changed and now hackers have a wide scope of attack, that is the IoT (Internet of Things) where everything that connects to the network becomes a target and very useful towards their hacking goal.
Every single day hackers are compromising not only systems’ security but also stealing confidential information for users from sites, and from remote databases that are taken to be so secure and out of reach.
Software is developed and as tech people spend much and most of their time hardening the security of their devices, cyber-criminals also spend most of their time looking for ways to break the hardened securities for systems.
In 2018, it was reported that Tesla’s electronic car invention was harked through what was referred to as a key fob attack. This is what was reported that;
“Despite having a pretty clean record in terms of critical security flaws, Elon Musk’s electric car venture Tesla made the headlines last month when its Model S cars were discovered to be vulnerable to a key fob attack, which is a technique often used to steal high-end cars. A team at KU Leuven University in Belgium was able to clone a Model S key fob and then use it unlock and drive a test vehicle. Using just $600 worth of equipment for reading radio and computing signals, the researchers could learn the vehicle’s identifier transmitted by the car, and then trigger a response from the key fob by impersonating the car. Using the response pairs, the researchers were able to narrow down the real keys that could be used to impersonate the key fob. More specifically, what made Tesla’s key fob technology so vulnerable was its reliance on easily crackable, 40-bit cipher and a lack of mutual authentication.”
According to the talks from cybersecurity analysts globally about the prevailing security problems with the IoT, it has been noticed that IoT problems could be much direr than anyone could ever imagine as of today since the targets range from the household digital appliances to everything with internet access.
Worry for Organizations
Many organizations have been interested to deploy IoTs to a great extent to experience a great touch and feel of technology with little or no knowledge that the poor security in Internet of Things (IoT) products including IP connected security systems, connected climate control and energy meters, smart video conferencing systems, VoIP phones, connected printers, smart fridges, and even smart lightbulbs, all these are so good to live and work with but pose an inherent risk to the security of these organizations which deploy them.
Higginbotham wrote on one of her blogs; “The lack of a clear understanding of how to keep connected devices secure impacts beyond adding a lot of extra tests for some nebulous certification. It also means that engineers building connected products don’t have a playbook to work from,” and added that “With IoT devices being so complex, the lack of some kind of standard checklist leads to security vulnerabilities.”
To this end, you’re required to have a clue that not only do these devices pose significant risks due to a lack of basic security hygiene, but many of the IoTs are put to use with outdated firmware which gives opportunity to hackers to exploit these vulnerabilities to plant backdoors and spyware which help them launch DDoS attacks.