Page 10 - index
P. 10
realize the extent and seriousness of these threats, the potential attacks made possible with the
IoT, and strategies for securing their corporate networks.
The Internet of Things is Exploding
Analysts predict that there will be at least 50 billion IoT devices by 2020. In order to reach this
number, 15 million new IoT devices would have to connect to the Internet every single day for
the next five years. To put this number in perspective, there are only about 333,000 human
births per day – meaning, the IoT is growing 50 times faster than the human population.
While a large number of these devices will be consumer products with no direct impact to
business, enterprises are also rapidly deploying IoT devices in their environment to reduce
costs and improve workflow and operational efficiencies. In fact, by 2016, more than half of
enterprises will adopt IoT in some way, shape or form.
Examples of enterprise IoT adoption can be found throughout many organizations. For example,
some enterprises are deploying smart light bulbs that turn off when they detect that there are no
employees in the room.
Manufacturing companies, which are widely regarded as the fastest sector to adopt IoT, are
adding equipment to self-update and detect breakdowns in the manufacturing chain. In addition,
companies large and small are installing connected HVAC systems to better regulate room
temperature. As a result, Verizon predicts that organizations that adopt IoT will be at least 10%
more profitable than their competitors that do not.
But is Verizon’s profitability projection sustainable? Only time will tell, but the forecast does raise
some initial skepticism. The emergence of IoT brings with it profound new threats, which result
from an average of 25 vulnerabilities per device. Using the December 2013 Target breach as an
example, hackers successfully penetrated its network through their connected HVAC system.
In total, 40 million credit and debit cards were stolen, costing the company $191 million to date.
Is the money that Target will save by using “smart” HVAC systems enough to offset the millions
of dollars and customers lost; as well as the reputational damage incurred as a result of the
breach?
With the rapid deployment of permanent IoT devices in corporate environments, few
organizations have policies to limit or prevent employees from bringing personal devices into the
workplace. These devices collect an extraordinary amount of data including user location,
sleeping patterns, and banking information.
While storing this information, IoT devices create their own mesh networks, not secured by
corporate WiFi, which serve as yet another threat vector for a hacker to exploit. Even in the rare
instance that an employee does not have a connected device, employers are starting to hand
them out.
10 Cyber Warnings E-Magazine – March 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
