Perhaps you caught the news article last week by the UK online news source The Independent, highlighting the story about a Russian website hosting live feeds from hundreds of baby monitors, CCTV cameras and webcams from hacked UK homes and businesses.
This isn’t even a true “Internet of Things” (IoT) issue, but perhaps those of us concerned with cybersecurity could agree that if the hacks, breaches and simple human error that we deal with every day are any indication, the IoT era is just going to be more of the same – only worse.
The logic is – if cybersecurity is weak today (and the average Joe has no idea how truly breached our Internet fabric is), it may be even worse tomorrow with the advent of explosive IoT capabilities. Here’s why I say that.
Sheer Scale – it’s Big
Privacy concerns aside, there’s a lot of Internet-enabled “smart things” coming, and a lot of money foreseen to be spent on the IoT convergence.
First, let’s define the “Internet of Things.” Gartner defines it as:
“…the network of dedicated physical objects (things) that contain embedded technology to sense or interact with their internal state or external environment. The IoT comprises an ecosystem that includes things, communication, applications and data analysis.”
Depending on who you listen to from Gartner to Cisco to Morgan Stanley, here are some stats:
- 5 billion – connected ‘things’ by the end of 2015
- $69.5 billion – spending estimates for IoT-supported services in 2015
- 25, 50 and possibly up to 75 billion – connected ‘things’ by 2020
- $263 billion – spending estimates for IoT-supported services in 2020
- 3 ‘things’ – with digital smarts for every person alive today, at a minimum
Back to the nannycams and other webcams being streamed live on a Russian website – think about this. Today, people install all kinds of stuff—remote access to their personal or professional desktops, webcams of all types—now fast forward to when your cell phone is your wallet, or the car you drive is as accessible as your desktop – what then?
Some believe that by 2020, the utilities sector will be the number one vertical industry for machine-to-machine and IoT communications. This is especially troubling since the NSA told congress Thursday, November 20, 2014, that China and “probably one or two other” countries could shut down our security grid.
And this is with human observation and intervention, not fully machine-to-machine interaction (IoT) without a sense of nationality or allegiance. On a much larger scale then, the ability for a foreign government to bring down portions or our entire grid when IoT is in full swing? IoT concerns me plenty.
The real question is: have we become numb to breaches?
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the ShellShock and Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Image header courtesy of ShutterStock.com.