Virtualization Technology News and Information
DomainTools 2018 Predictions: Keeping up with IoT in 2019

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual series exclusive.

Contributed by Sean McNee, Senior Data Scientist and Tim Helming, Director of Product Management, DomainTools

Keeping up with IoT in 2019

Connectivity has become integral to daily life in modern society, and many of us can no longer imagine life without our Alexa, Ring, Nest and other connected devices. But while consumers and businesses eagerly increase reliance on IoT products, most remain unaware of the significant headaches they cause among the cybersecurity community. With the number and variety of IoT devices on the rise each year, security teams and IoT manufacturers are struggling to keep pace with threat actors and hackers looking to exploit these systems. A Gartner survey from earlier this year found that since 2015, nearly 20 percent of organizations witnessed at least one IoT-based attack. Gartner also reported that worldwide spending on IoT security would likely increase 28 percent from 2017, reaching $1.5 billion in 2018. 

IoT devices are rife with vulnerabilities, and dozens of breaches across industries including telecom and healthcare can be attributed to them. The high-profile Mirai attack in 2016 is one, and was the cause of internet service disruption to more than 900,000 Deutsche Telkom customers. Cybersecurity experts fully expect IoT to be an ongoing area of importance in the coming year, and organizations must build dedicated security practices that address IoT device risks, and ensure they are meeting minimum ‘securability' standards.

DomainTools' Senior Data Scientist, Sean McNee and Director of Product Management, Tim Helming provided their insights on what 2019 has in store for IoT and cybersecurity.   

"It seems that every year now is the year of the ‘Internet of Things.' An even more diverse set of items, from electric cars to toasters to pacemakers, are being added online with varying sets of security measures. As noted by Adam Shostack at Black Hat 2018, these IoT devices have unique sets of real-world properties which can be attacked and exploited remotely. We expect attackers to create exploits to target the physical components of IoT devices with the goal of degrading performance or completely disabling them: remotely cause batteries to discharge rapidly, overload compressors or heating elements, or cause them to stop responding. Examples of these exploits could be: electric cars running of out battery power on the freeway, toasters catching on fire, or in a worst-case scenario, pacemakers turning off." Sean McNee, Senior Data Scientist

"A set of security standards for consumer and small business-grade IoT devices will be drafted. This proposal could include something analogous to the UL listing for electrical devices--it would state that a device with the certification meets specific minimum standards for ‘securability.' Example criteria could include forcing strong administrative passwords, hardening of the OS, not listening on any ports except one or two that require encryption and authentication, etc." Tim Helming, Director of Product Management


About the Authors


Sean McNee, Senior Data Scientist

Sean has a Ph.D. in Computer and Information Sciences from the University of Minnesota. His research and business efforts focus on the creation of actionable insights in support of critical decision- making through the use of new technologies and workflows over corporate & Internet networking data.

Tim Helming, Director of Product Management

Tim Helming has over 15 years of experience in cybersecurity, from network to cloud to application attacks and defenses. At DomainTools, he applies this background to helping define and evangelize the company's growing portfolio of investigative and proactive defense offerings.

Published Friday, November 09, 2018 7:32 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2018>