Wonder
Log in
Research Outline
Prepared for Tyler S. | Delivered July 29, 2019
Cybersecurity risks to IOT
Review your project details
Goals
To obtain background information to assist with writing an article, beter understand the cybersecurity risks and solutions associated with the IoT.
View less
Early Findings
Risks/Causes
The
number of connected
devices increases the risk because there are more entry points for hackers to get in and compromise the system. An example of this is a garage door opener that also allows for disarming a home security system.
devices
increase the risk because there are more entry points for hackers to get in and compromise the system. An example of this is a garage door opener that also allows for disarming a home security system.
The National Institute of Standards and Technology, a division of the U.S. Department of Commerce, describes the
three broad areas of risk
associated with IoT as devices, data, and personal privacy.
Sensor data
can be compromised when sensors are accessed wirelessly and made to produce false data. Sensor data needs to be effectively managed so attacks can be quickly identified.
Actuators on devices
allow for changes to the physical world. Examples are turning lights on or off, adjusting temperature, and locking or unlocking doors.
Most I
o
T
devices have the ability to
do much more
than what they are actually used for. The potential capabilities of devices adds an extra layer of risk because when looking at the risks associated with the device, it needs to be approached from what it potentially can do, not just what it does do.
Manufacturers
do not always create devices that have the necessary hardware or software in place to allow the device owners to implement strong security. An example of this would be devices that don't allow for the changing of usernames and passwords.
Employees are often one off the biggest risks for IoT devices and systems as they can be susceptible to
phishing schemes
and trying to adapt devices to better meet their needs without thinking of the larger potential consequences.
Best Practices/Solutions
One of the fist steps that should be taken to inform solutions to IoT security risks is to identify what an
attacker's goal
would be when they access a particular device. Knowing what the attacker may be trying to do is the first step in putting security in place.
Protecting the credentials
of IoT systems and devices is one of the most important steps organizations can take to reduce the risk of system breaches.
View less