Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Security Vulnerabilities Pose a Challenge to IoT/IIoT Mass Adoption

As the Internet of Things continues to grow, current discovery and tracking tools and methods need to evolve.
By Tae-Jin (TJ) Kang
Feb 13, 2019

Statista, a leading market and consumer data research firm, estimates that by 2020, the utilities, transportation and logistics, and discrete manufacturing industries are each projected to spend $40 billion on Internet of Things (IoT) platforms, systems and services. The next largest spending category will be business-to-consumer vendors, at $25 billion, while the health-care, energy and retail industries are each projected to spend north of $10 billion. These numbers add up to a significant investment in the IoT. In fact, the Boston Consulting Group predicts that the IoT market will reach $267 billion by 2020.

IoT Security Lowers Trust and Will Hinder Implementation Growth
The IoT land rush is coming at a cost. As IoT and Industrial Internet of Things (IIoT) manufacturers sprint to be the first to offer the newest connected devices, they fail to prioritize cybersecurity. This tendency is a huge misjudgment, as it has often led to the release of IoT devices and platforms that are later discovered to be completely insecure.

IoT-powered devices, such as routers, modems, network attached storage (NAS) devices, closed-circuit television (CCTV) systems and industrial control systems, can all be recruited into botnets for the purpose of carrying out distributed denial-of-service (DDoS) attacks. It happened in 2016 with the Mirai IoT Botnet attack. Consumer IoT devices in the home are not immune—seemingly innocent gadgets like connected toys can be exploited to spy on children.

While growth in IoT spending may increase significantly, privacy, data theft and DDoS attacks will hamper implementations. If deployments become bogged down with security issues, organizations will not see the benefits of their IoT investment, and the industry's growth will stagnate.

Poor Open-Source Software Management Compromises IoT Security
We stand at interesting crossroads for two of the fastest-growing technologies: the IoT and open-source software (OSS). The two have become somewhat interdependent, with IoT companies heavily relying on embedded Linux and adjacent OSS to power their devices. While open-source code is incredibly powerful, like proprietary software, it contains security vulnerabilities.

This means the code that is driving IoT innovation, if not properly managed, has the potential to expose consumer, commercial and industrial customers to privacy violations and data theft. Compounding the issue is the prevalence of open-source code. A popular OSS component is often reused across various industries to execute a spectrum of different purposes. As a result, a single vulnerability within an OSS component may result in permeating consequences.

There are three noteworthy issues for IoT manufacturers looking to address OSS vulnerabilities:
• Key software components are not proactively screened for security vulnerabilities.
• The databases listing known open-source vulnerabilities are slow to publish them, narrow in focus or incomplete in coverage.
• There are limited resources that provide practical information on ways to mitigate or work around known vulnerabilities.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations