Devices that can link up to the internet of things open a door way of endless possibilities for homes and businesses – and a back door for hackers.
The problem with the internet of things was the world wide web was designed with ease of use and convenience in mind.
In the days when the web was terminated at universities sharing data, security and hacking was not a big issue.
Today, all a hacker needs is network access to lay bare passwords, customer data and intellectual property stored on servers.
While developers are investing heavily in bringing internet of things gadgets and technology to market, only a third look at beefing up security for a device that is the weak link in network defences.
The price of internet outages
Cybersecurity firm Neustar has revealed research of how devastating a network breach can be for a business – and many of those breaches start with breaking into a network from an internet of things device.
In the past year, says the report:
- 73% of international brands and organisations were blitzed by distributed denial of service attacks (DDos)
- 82% of organisations had to tackle sustained attacks – up to four a day
- DDos attacks cost 50% of organisations up to $100,000 an hour while web sites and networks were down, while a third lost more than $250,000 an hour
- 81% of organisations under attack had internet of things devices logged into their networks – and in the DDos attacks led to loss of data or money
“The internet of things is not a concept on a drawing board somewhere,” said Hank Skorny, an internet of things expert with Neustar.
Weapons of destruction
“Many people do not realise that these devices are their watches, gadgets for monitoring fitness and smartphones.
“Hackers are already at work infiltrating these devices and businesses are suffering real losses as a result.”
Skorny argues that DDos attacks are not idle threats, but concerted, planned and incisive weapons of destruction aimed at destroying or blackmailing an organisation.
“DDos is not about when an attack happens, but how often,” he said.
“They are difficult for organisations to control because of the number of devices they have online. Typically detecting a threat can take up to two hours or three hours and then there’s the downtime clearing the breach.”