What does IoT mean? The acronym stands for “Internet of Things,” so we are talking about objects that use a connection to interconnect to exchange information, collect and/or process them. This classification, therefore, includes all the objects that surround us in daily life and that have been made “intelligent” thanks to a connection (e.g., Smartwatches, Cameras, audio and video devices, machinery, appliances, and street lamps).
IoT technology is an enabler of intelligent infrastructures that make higher quality services possible and facilitate the provision of advanced functionalities (such as predictive maintenance). The opportunities arising from the IoT are the frontier of innovation, but like all technological advancements. Along with the opportunities, there are also new risks to manage.
Table of Contents
It is important to distinguish between objects born as connected devices and objects that become in the course of life. I leave the study on “boomer” objects (i.e., not natively connected) to future articles and start with the “interconnected natives,” underlining how it is appropriate to immediately apply the principle of “Security by Design” because it will soon be mandatory, according to I Requirements provided for by the certifications dictated by the application of cybersecurity Act; this approach pays attention to device security as a necessary requirement from the foundations of the project, starting from the hardware design and continuing with software development according to strict secure development guidelines, in order to minimize the risks of vulnerabilities that could expose the devices to attacks, with the consequent compromise of the host system. Unfortunately, this type of approach is not yet so widespread: for this reason, legislation has been enacted, forcing producers and indicating minimum parameters appropriate to the risk, which will be verified by regulatory bodies to guarantee users.
The risk of interconnecting a device that does not have internal security systems to one’s own networks (domestic, corporate, or industrial) does nothing but expose us to innumerable risks. Consider, for example, video surveillance cameras: if not properly designed, managed, and maintained as a security tool, they can quickly become an intrusion tool, giving access to images directly to thieves, criminals, or “voyeurs.” This is not a joke: if you take a tour of http://isecam.com, you will see that we are not talking about a “potential” risk but a concrete reality. In fact, already today, it is possible to have access to several thousand cameras that open a window (even in HD) through which you can peek into the lives of others without any effort or particular computer skills. How is it possible? Simple, they were not designed with security by design logic: they came out of the factory with the same default remote access credentials, and no one changed them in the installation process; consequently, they are known to the whole world and available to anyone.
The most common attacks affecting IoT devices are undoubtedly those denials of Service and Distributed Denial of Service (Dos and DDoS). Let’sLet’s find out the definition given to us by the National Cybersecurity Agency: “Cyber attack that aims to compromise the availability of a system by exhaustion of its network resources, processing or memory. In the distributed version (DDoS), the attack comes from a large number of devices and is directed toward a target. Botnets are a tool for conducting a DDoS attack (Glossary Computer Security Incident Response Team – Italy). “A reflection: if we consider the increasing number of IoT devices present in our lives (many of which lack adequate security measures) and the nature of the attack mentioned above, we can come to a disturbing conclusion: our devices may be/have been / will be the tool used by Cyber Criminals to carry out an attack. In other words: the refrigerator could be used to attack the CIA,
We understood that all infrastructures/products equipped with sensors are at risk. But what are the aspects to be evaluated to ensure greater safety?
It is important to set up secure authentication for IoT devices, such as, for example, establishing strong passwords (always changing the default ones, even for routers) since many times attacks occur due to a device that does not have the credentials or that still has factory ones (widely known on the dark web)
Use end-to-end encryption. IoT devices connect, for the most part, wirelessly; it is recommended to use at least a WPA 2.0 (Wi-Fi Protected Access 2);
It is recommended to manage IoT device traffic separately. In fact, it is recommended for optimal bandwidth management and to ensure greater reliability.
It is essential to update the connected devices to prevent any attacks from already known vulnerabilities; if the update is no longer possible, it is recommended to discard the obsolete devices so as not to allow them to become the weak link in our security chain.
The firmware allows our devices to work and allows you to interact with other components. It must be always updated to allow it to function correctly and cover any pre-existing “flaws.”
IoT technology is destined to be more and more pervasive in our lives, not only from a personal point of view but above all for the businesses of companies, which increasingly focus on the power of data. By 2025, many researchers estimate that IoT devices will reach 30 billion. However, we must always keep in mind that evolution also involves security risks. What to do?
Also Read : How To Create An Online Course: Useful Tips To Get Started
Instagram is currently one of the most widely used social media sites where individuals share…
The rise of AI is radically changing the situation regarding cybercrime, particularly in disinformation and…
Washington is among the many states that are growing when it comes to real estate.…
Escalators, the dependable workhorses of today's world, dutifully transport us between levels in malls, airports,…
It is estimated that around 86% of companies lack sufficient security on their servers in…
Digital transformation has led to an explosion of connected devices, going far beyond what we…