Over the last couple of years, technology evangelists have discussed the vast benefits of the Internet of Things (IoT). The list of benefits is almost too long to discuss in a single blog post.
Less attention has been paid to the risks that IoT has created, in particular the vulnerability to cybercrime. Consumers and businesses around the world face tremendous security risks while connecting to IoT networks. ZDNet published an article on five chilling examples of IoT security breaches:
- The Stuxnet hacking incident destroyed over 1,000 centrifuges between 2010 and 2014
- The Mirai botnet used many IoT devices to take down some of the largest websites in the world, including Twitter, Netflix and Spotify
- Hackers terminated the heating in two buildings in Lappeenranta, Finland
- The Brickerbot attack affected over two million IoT devices
These types of attacks will not subside until better IoT security solutions are developed, and the only way to address these concerns is by developing a uniform IOT security framework. ARM and Symantec proposed an open security protocol for IoT devices last year. Representatives from the two firms promised to use trusted code management and other technologies that have already been proven in the financial sector and other sensitive applications.
Many security professionals rallied around the proposal. They believe that using ARM technology will drastically improve security of IoT. Are these predictions reasonable or overly optimistic?
Merging ARM and Symantec security solutions can have significant benefits. However, it can also lead to a couple of concerns as well.
New compatibility issues with older IOT devices
According to research from Gartner, approximately 5.5 million IOT devices are going online every day. Many of these devices may not be compatible with the tools needed to implement the new security protocols. Newer devices will be designed to be compatible, but older devices may have difficulty. If any protocols become standardized on a large scale, older devices may be blocked from connecting to certain networks.
Any security vulnerabilities will affect every IOT device
While the technology that ARM and Symantec depend on is among the best in the industry, it is inevitable that hackers will discover security vulnerabilities. Once those flaws are uncovered, all IoT devices will be sitting ducks until the right patches are developed.
This is an argument in favor of a more decentralized IoT security framework. Tens of thousands of different types of devices relying on slightly or entirely different IoT security infrastructures may be more difficult to crack, even if they are inherently less secure.
Attackers would need to find the security flaws in each of those devices and would have a harder time deploying automated attacks on a mass scale. A compromise may include developing a two-factor security solution. Every device could be equipped with the security safeguards built in by ARM and Symantec, in addition to its own customized protections. This may include using gateways, which are proven to have both enhanced security and less complex connection protocols.
Rehan Jiaz is an entrepreneur, business graduate, content strategist and editor overseeing contributed content at SmartdataCollective.com. He is passionate about writing stuff for startups. His areas of interest include digital business strategy and strategic decision making.