IoT cyberattack: The complex relationship between connectivity and cybercrime

• Author:
• Author name

  Quantumrun Foresight
• January 13, 2022

For many consumers, the Internet of Things (IoT) has made modern life convenient, from smart appliances to digital assistants. But what happens when these devices get hacked?

IoT cyberattack context

The Internet of Things (IoT) is composed of consumer and industrial devices that are able to collect and transfer data over a wireless network and between devices, without human intervention. Devices can include almost anything marketed as “smart,” such as smartphones, smart TVs, and smart appliances like coffee makers and refrigerators. 

When IoT devices are hacked, cybercriminals get access to private information, such as contact lists, email addresses, and consumption patterns. The consequences of such hacks are graver when applied to a much broader scale such as smart cities with interconnected infrastructure, such as public transportation, water, and electricity. Aside from stealing personal accounts and information, cybercriminals can actually disrupt these essential services. This is why it’s more important than ever to include cybersecurity as one of the critical components of any IoT project. 

Disruptive impact

To improve their cybersecurity profiles, companies involved in the IoT are reassessing their entire value chains of IoT products. The first element of this chain is the edge or local plane, which connects digital information with actual things, such as sensors and chips. The second factor to consider is the communication network, the primary connection between the digital and the physical. The last part of the value chain is the cloud, which sends, receives, and analyzes all the data needed to make IoT work. 

Experts think that the weakest point in the value chain is the devices themselves due to firmware not being updated as often as they should be. Consulting firm Deloitte says that risk management and innovation should go hand in hand to ensure that systems have the latest cybersecurity. However, two main factors make IoT updates particularly difficult—market immaturity and complexity. Thus, the industry must be standardized—a goal that is beginning to take shape since the introduction of the common Matter protocol adopted by many IoT companies in 2021. 

In 2020, the US released the Internet of Things Cybersecurity Improvement Act of 2020, which lists all the security standards and regulations that an IoT device should have before the government could purchase it. The bill’s guidelines were also created by the security organization National Institute of Standards and Technology, which could be a valuable reference for IoT and cybersecurity vendors.

Wider implications of IoT cyberattack

Wider implications relating to IoT cyberattacks may include:

• The gradual development of global industry standards around IoT that promote device security and interoperability. 
• Increased investments by leading technology companies into regular software/firmware updates for IoT devices.
• Governments and private corporations increasingly dedicating personnel and resources to IoT security within their operations.

Questions to comment on

• If you own an IoT device, how do you ensure that your data is secure?
• What are the possible ways IoT devices could be protected from cyberattacks?