The Internet of Things is gaining traction worldwide. By the end of this decade, it’s set to conquer a significant stake in daily user engagement with technology. It is changing how we behave with our gadgets and how we complete day-to-day tasks. Whether it’s Google Home or Alexa, we know that IoT devices are now a part of our lives for the long run.
With the vast Internet of Things as the playing field in today’s world, it is obvious to wonder: “How can devices and networks of the IoT ecosystem be monitored and protected with such an exponential growth?”
With current cutting-edge devices in mind, areas of improvement involve making these devices production-ready. To do so, hardware limitations must be kept in mind. The software that runs on modern PCs and mobile phones is often resource-intensive. IoT devices have limited capabilities. Sustainability is key.
Another central point is Cyber Security. Since IoT devices are always operational, they become a straightforward spying tool on innocent users. Cybersecurity issues with intelligent security cameras have been identified in the past. People have claimed that random images from other people’s homes were streamed from the camera. Hackers can also control the smart TV for changing channels or volume controls and cause security breaches, along with checking everyday movements and conversations using the integrated camera and microphone.
The most common threats are the insecure web, backend API, cloud, or mobile interfaces in the ecosystem outside of the device that often allow compromise . Common issues include lack of encryption, authentication, and weak authorization.
It’d be great to use Standard Architecture, the original expansion slot specification of the compatible computers, and preferably Open-Source design whereThe source code is made freely available and may be redistributed and modified. If IoT devices are designed on a similar architecture, they would be easily compatible. Compatibility means a more straightforward development process, faster bug resolution, and of course, better security.
In addition to common cyber threats impacting IoT users, unsafe communication between connected devices is also a concern. Many IoT devices do not encrypt the data they use to communicate, so a hacker can read this exchange by infecting a machine and stealing the user data. This software vulnerability can be resolved by using encryption, which refers to secure data during transfer.
Another concern is the matter of remote access or eavesdropping. This may occur through both software as well as hardware. One needs to deploy a secure gateway for communication and user-friendly controls for software. For hardware, juice-jacking involves a charging port that doubles as a data connection, typically over USB. This often involves either installing malware or copying sensitive data from a device. Often advancements made for feasibility increase privacy concerns.
Private Information Leaks are also worth mentioning. The prominent leak transformed not only made WikiLeaks founder Julian Assange a successful entrepreneur but also put him behind prison.
These are possible due to vulnerabilities of software and hardware. IoT devices are largely connected to a Smart Hub or a smartphone. However secure the application is, if the operating software is prone to attacks, neither device is safe.
Analysis of data generated from IoT devices is increasingly occurring not in the cloud but at the network edge physically close to where data is generated, i.e., on local servers, micro data centers, or even on devices generating the data. We need to reduce latency by analyzing IoT data in the cloud, making it less challenging to develop real-time alerts and degrading performance in industrial, enterprise, and smart city settings. Analyzing data at the edge can also help trim data transmission and storage costs.
Building a feasible solution integrating authentication, strong encryption, and filtering processes will minimize the risks of security breaches at any part of the chains of interconnected IoT devices. In addition, creating a user-friendly and informative guidebook that comes with the prototype will promote awareness and educate users about the importance of keeping devices secure at all times while encouraging them to do so.
Author – Mr. Shrey Madaan, Research Associate, CyberPeace Foundation
Reviewed – Mr. Hrishikesh Bedi, Consultant, CyberPeace Foundation