Recent large-scale IoT-driven cyberattacks may only be the beginning if the security in consumer IoT devices remains unchanged.
As the number of connected devices increases, so does
the security risk if the market doesn’t address IoT cybersecurity, according to a new report by Juniper Research.
The report references cyberattacks from the Fall, which leveraged
compromised IoT devices to create so-called "botnets" to attack servers, saying that the current security vulnerabilities of IoT devices may lead to more complex attacks in the future.
“Attacks such as those on Dyn last October can be viewed as proof of concepts,” said Steffen Sorrell, author of the report.
“In the medium-term, botnets will be used far
more creatively, not only to disrupt services, but also to create a distraction enabling multi-pronged attacks aimed at data theft or physical asset disruption,” Sorrell said.
The brands
making IoT devices should begin to design security directly into the devices, according to Juniper.
This recommendation also appears in other sets of guidelines for IoT security developed by
government agencies, one of which plans to go further if the market fails to take action.
The FCC is monitoring the security risks within the Internet of Things and plans to step in with
regulation if it determines the market won’t adequately address the risks naturally, as the IoT Daily recently reported (Now FCC Stepping In On IoT Regulations).
This could be done through updating the
FCC’s equipment certification process or creating a task force, potentially leading to new laws, according to the FCC.
By 2021, the installed base of IoT products will grow to 46 billion
units, 15 billion of which will be consumer-facing, according to Juniper.