Home wireless networks, smart cities, industry-specific deployments, and government services top list of rapid IoT adoption in 2021 that will be more vulnerable due to expanding attack surface.
LOCH Technologies, Inc.™, the leader in wireless IoT security, today released its 2021 Internet of Things (IoT) predictions, which highlight trends that may impact consumers, businesses and the public sector.
These predictions outline the increasing prevalence of IoT in our lives, the resulting expanded attack surface, and the potential economic and social risks.
“With rapid advancements in connectivity options as well as the rollout of digital initiatives being accelerated by the pandemic, we’ll see exponential growth in IoT deployments continue in 2021 across nearly every industry especially retail, healthcare, and manufacturing, as well as the public sector and at all levels of government,” said Garry Drummond, CEO at LOCH.
“While businesses are focused on innovation, improving customer experiences, operational efficiency, and new revenue growth opportunities, the attack surface is growing for cyber threat actors motivated by financial gain or hacktivists and cyber terrorists motivated by political, ideological, or social gain.”
- Proliferation of Connectivity Options including 5G and Satellite – 5G plays an increasing role in everything from smart cities, connected cars, and industrial automation. As we move into hyper-multipath connectivity edge computing, wireless is the new network and the new attack surface. Security for mission-critical operational networks is imperative. In addition, as satellite launches become more affordable, companies in the private and public sectors will increasingly offer internet services via satellite link, for both urban and rural areas. Increasingly, such satellites will connect directly to a host of IoT devices (think remote crop monitoring or smart traffic lights) as satellites are an attractive target for hackers, this will require organizations to secure satellites from all manner of threats — both to satellites themselves (as they themselves are an IoT device) and how they are communicating over wireless.
- Wireless Home Networks and Shadow IoT – With Covid-19 still rampant, the workforce will continue to be remote for the foreseeable future and this will increase an organization’s risk profile, therefore, businesses will be seeking solutions to keep company assets secure. While enterprises are expanding their use of IoT, employees are also connecting personal IoT devices in the office and at home. Furthermore, with 80% of IT and IoT devices at home being wirelessly connected, wireless is also the new network and attack surface for remote office workers. As such, enterprises face significant challenges having employees connect from home. The number one concern is the lack of visibility into the wireless home network environment to be able to measure what “should be” against “what is,” as well as a clear understanding of the device behaviors and potential “back-door risks” from these connected IoT devices like smart TVs, thermostats, home security/monitoring cameras, USB WiFi thumb drives, voice assistant devices and wireless printers (commonly known as Shadow IoT). This expands the attack surface and the possibility of lateral movement unbeknownst to IT departments.
- Digital Healthcare Gains Momentum – Healthcare companies rely on hyper-connectivity to function, everything now connects to something. Machines are no longer untethered artifacts of production, they are now highly optimized in order to drive efficiencies, and help companies compete in the new “online” world. More and more devices within hospitals will use smart technology, enabling health systems to deliver more responsive, targeted, and efficient care. Fueled by the pandemic, hospitals are racing to embrace new capabilities to stay connected with their patient’s, therefore organizations are looking for more convenient telehealth services aided by IoT devices that monitor health levels. However, these smart technologies are also vulnerable to cyberattacks. Health organizations will be looking for innovations in detection and mitigation capabilities to help keep their patient data safe and devices secured.
- Improving Manufacturing Efficiency – Companies looking to help drive smarter and faster business decisions to improve operational efficiency will start to deploy more IIoT as they are looking for better insights into their business, better allocation of resources, management of assets and inventory, enable seamless logistics, and accelerate product development – all helping to drive top-line growth. However, with potentially thousands of wireless devices in their environments, governed by dozens of new protocols and new operating systems, companies face the challenge of identifying these vulnerabilities, much less preventing attacks. As such, manufacturing companies will have a massive need to gain comprehensive visibility with risk analysis over their IoT devices.
- Digitize the Retail Experience – The retail industry is going through a transformative time. Even before the pandemic, retailers have been rapidly adopting digital strategies to increase efficiency and create better consumer experiences including touchless experiences, interactive buying, and drone deliveries. The pandemic has accelerated the need to streamline convenience for consumers from curbside pickup, same-day deliveries, and more with IoT playing a pivotal role. Just as with other industries, retailers will have a need to secure these wireless payment and interactive devices against intrusion and safeguard against this larger attack surface.
- Smart Cities on the Rise – Wireless IoT devices are enabling more cities to operate smarter. With traffic lights, parking meters, connected sensors for utilities, and other critical infrastructure, communities now have more data to make intelligent decisions for improving traffic flow, emergency services, ensuring cleaner water, improving road quality, and much more. However, smart cities are the next cybersecurity battleground as they represent high-value targets for hackers. With the transition to 5G and race to WiFi 6 now on, smart cities will have a significantly larger attack surface especially with the adoption of broad-spectrum wireless IoT and cellular wireless being big new threat areas. Moreover, with the convergence of IoT into OT environments across smart cities — including smart factories, water utilities, power stations, or first responder networks — the risks are increasing daily. In order to thwart these new threats, Cities need real-time asset discovery and visibility, proactive risk analysis, risk mitigation, and event detection and response along with prescriptive guidance to adequately anticipate real-time threats.
- Governments are Target of Espionage – In addition to cities at the local level, governments are turning to digital initiatives to improve efficiency, realizing cost savings, and streamline services. Furthermore, 25 percent of cyber attacks are related to the invisible espionage threat, according to the Verizon 2020 Data Breach Investigations Report. While IoT is transforming the public sector by altering how data is gathered and analyzed to improve responsiveness in public services that are being provided, danger lurks behind it. The use of IoT has the potential to improve digital (web and mobile) government services, improve public safety, communicate roadside hazards, deliver more efficient energy consumption, and lower energy-related emissions.
- Critical Infrastructure: Energy, Oil & Gas, Water – Critical Infrastructure serves society’s basic functions and needs. Disruptions to these systems from cyberattacks can have catastrophic consequences. These are high-value targets for hackers due to the increasingly deployed IoT products across power companies, water treatment plants, oil and gas companies, and/or drilling sites, which only increase the likelihood of cyberattacks.