The expansion of IoT has prompted a rush to deploy billions of devices worldwide. Companies across several industries have amassed vast quantities of connected devices, creating gaps in security. Today, IoT security is overlooked in many areas. Among the above, a significant percentage of devices share the admin and password because their default settings are never changed.
The reason security has become a success story is that most devices are invisible to individuals. Hospitals, casinos, airports, and municipalities are all there to see every device on their networks. As a result, security threats have increased. More than 1.5 billion attacks on IoT devices in the first half of 2021, roughly double the previous year.
The cost of a breach for highly regulated industries such as healthcare, utilities, logistics, etc. can be devastating. Despite this, organizations operating in these areas have to have adequate device management and security measures to ensure they prevent breaches before they occur. Compliance issues can result in millions of dollars in fines.
Fact: What you can''t see is limited. Here are five key industries that are experiencing difficulties in security.
Healthcare is the most critical sector that requires IoT devices; hospitals, clinics, and vaccination delivery organizations are often targeted, but the motive is not always monetary. In some instances, it appears to be sabotage. Ransomware attempts on hospitals doubled in 2021, posing the dangers of hospital revenues and their capacity to care for patients.
In 2020, the Cybersecurity and Infrastructure Security Agency launched a COVID Task Force to investigate hazards to healthcare and vaccination entities. The Task Force found a range of threats to patient care and survival as a result of the outbreak. These include medical devices, security cameras and access controls to physically protect healthcare facilities. The Internet of Medical Things is more brittle than we expect, according to Josh Corman, the chief strategist.
Energy and utilities
Utilities are a popular target of nation-state-sponsored attackers. Globally, utilities reported 1.37 billion IoT devices in the future, including critical infrastructure such as smart meters, security cameras, and temperature/fire/chemical leak controls often targeted by bad actors. Around the world, energy and utility companies have taken steps to protect water supplies, power grids, refineries, and pipelines. However, further can be done.
Typical attacks on manufacturers range from extortion and disruption to terrorism. Typical industries include industrial control systems (DCS), programmable logic controllers, supervisory control and data acquisition (SCADA) systems, and human machine interfaces. Often, attacks on manufacturers have taken direct control of PLCs that run factory equipment, rather than accounting or customer records.
1.1 billion IoT devices are required for physical security, such as traffic control systems, street lights, subways, and emergency response systems. Depending on the location, brilliant hackers control traffic lights across a city, varying the timing, and guide an armored vehicle into a trap. And there is real life, for example when a hacker in Romania took over outside video cameras days before the Trump inauguration.
Cities are being hit by ransomware, but New Orleans and Knoxville, TN are the areas in the case. To combat this type of security danger, governments using IoT require 24/7 device management and security to protect public services and assets.
Supply chain & logistics
Despite the high stakes in freight, rail, and maritime shipping, Maersk was unintentionally involved in the NotPetya attack against Ukraine''s government in 2017. Maersk was paralyzed worldwide and was barely able to transport containers and ships for two weeks.
Road monitoring systems with road sensors and LIDAR are IoT-linked as are self-driving cars. IoT allows transport planning, power supply, maintenance, and station control systems to begin with. It''s often difficult to achieve device visibility on large and medium-sized organizations.
Time for IoT security to catch up
The rapidly-growing surface of IoT devices in critical industries is a magnet for attackers. The more intelligent and ubiquitous connected devices become, the greater the potential damage. Successful attacks impose huge costs, and getting IoTs back online with the assurance they are no longer corrupted is crucial to compliance and business survival.
Device management at scale is now fully automated and can automate security measures such as password rotation. Our critical industries and our safety depend on increasing security advancements, increasing complete visibility of our IoTs, and using automation to tightly manage devices at fleet scale.
Securithings CEO Roy Dagan.