The Road Ahead: Two IoT Security Predictions for 2018

Those in the Internet of Things space should pay attention to these concerns in the coming year.
Published: December 31, 2017

The Internet of Things (IoT) market is set to grow dramatically in 2018 and beyond. In fact, according to estimates from IHS, the install base for IoT devices will grow to 30.7 billion by 2020, and 75.4 billion by 2025. The benefits of smart technology, 24-7 connectivity and the massive flow of accompanying data are clear for both businesses and everyday consumers. But, like any other new technology, as connected cars, smart phones, IoT-enabled manufacturing systems and countless other IoT products continue to come online en masse, new security concerns begin to surface, along with cyber criminals who are eager to exploit them.

Here are two major security predictions everyone in the IoT space should be paying attention to in 2018:

IoT Botnets Will Force Governments to Regulate IoT Device Manufacturers
In 2016, the Mirai botnet showed the world just how powerful an army of IoT devices can be. We’ve seen attackers use Mirai to launch successful, record-breaking distributed denial-of-service (DDoS) attacks against popular websites like Twitter, Reddit and Netflix. As IoT device adoption continues to skyrocket, attackers are targeting these devices in greater numbers due to their weak or non-existent security, in terms of both development and deployment.

Attackers have already started improving on the Mirai source code, which will mean larger and stronger botnets in 2018. For example, the Reaper botnet actively exploits common vulnerabilities in IoT devices to gain access to the devices instead of relying on a hard-coded credential list. As these attacks continue to become more effective, the damage they cause will grow as well, until the IoT manufacturing industry is adequately incentivized or forced to add stronger security to their products. In 2018, we expect to see a major new IoT botnet attack wreak so much havoc that it finally causes governments to address IoT security.

Potential IoT device regulations will most likely affect manufacturers of consumer-grade IoT devices first, since the end users of these products don’t have the knowledge to secure their own devices. These regulations will likely mirror similar liability-oriented regulations in other industries, in which manufacturers are held at least partially accountable for flaws in their products.

Expect Linux-targeted Attacks to Double in 2018 Thanks to the IoT
Since the fourth quarter of 2016, WatchGuard Technologies has published a quarterly Internet Security Report, which shares details about the malware and network exploits our products detect and block around the world, and the results of research done by the WatchGuard Threat Lab.

The growth of Linux attacks—largely targeting Linux-based IoT devices—was a recurring trend in many of WatchGuard’s 2017 quarterly reports. For instance, Linux malware represented 36 percent of the top malware in the first quarter of 2017. During the second quarter, we saw an increase in network software exploits targeting Linux systems. Finally, research from our Threat Lab’s honeynet discovered many telnet and SSH attacks targeting Linux-based systems, similar to the Mirai IoT botnet.

We suspect, and our research confirms, that criminals’ increased focus on Linux attacks is driven by their desire to target IoT devices. While IoT devices are technically diverse, a large percentage of them are inexpensive, with embedded Linux systems and released with highly insecure defaults. We expect attackers to continue to take advantage of these insecure devices to fuel their botnets. Based on our threat research and major trends within the IoT space, we expect Linux-specific attacks to double in 2018.

The Road Ahead
As IoT devices continue to play an increasingly pivotal role in business and everyday life, it’s imperative that all smart device manufacturers take the necessary steps to improve security in their design and deployment processes. Keep an eye out for more IoT-driven attacks in the coming year, to see how governments and manufacturers respond.

Marc Laliberte is an information security threat analyst at WatchGuard Technologies.