Market research firm Gartner predicts that the number of connected 'things' will rise from 6.5 billion in 2015 to almost 21 billion by 2020. This will result in better customer experiences, with connected devices providing information on everything from when the brakes on a bus need to be replaced to whether all the machines on a mine site are running within acceptable parameters.
However, connected devices will also be a target for cybercrime, even more so because people place enormous trust in third-party vendors being safe. These endpoint devices provide thousands of potential entry points to an organisation's network. They need to be secured. In 2016, we saw the first real challenges appear where compromised devices were connected together in a botnet to launch attacks against banks and key parts of the internet infrastructure.
Anything that you connect into your computer or network is a potential risk. The types of devices range from CCTV cameras to tiny sensors attached to complex machinery, and they may not always be top of mind for security professionals. But if they are connected to the internet or managed by a third party, then they could put the business at risk.
Committed cybercriminals will use every trick in the book and be creative in trying to access the information they want, and look at what ways they can gain entry.
What you need to consider:
- It is important to understand that the IoT is not a possibility or a project of the future - it is a current reality. Make a point to ask suppliers involved in security assurance how they can assure the security of the devices they provide. As we have seen many times, there may be no security, or the devices could be using some default username or password. These should be changed from the moment they are on your network.
- Any devices using factory settings for security are simply asking to be compromised. IT managers must change those standard administrator passwords to avoid being targeted.
- These devices should also be regularly checked to see if they adhere to the company's security policy.
3) We may see a ransomware vortex with a nasty surprise
Ransomware involves attackers locking up a business's data and demanding a ransom for its release. If you thought 2016 was bad for ransomware - where attackers access data and ransom it back to the victim - then 2017 will be worse. We can expect to see a higher attack volume, using more sophisticated technologies. If the discovery of Locky ransomware was anything to go by, financial malware will continue on an upward trajectory in 2017.
The kicker will be that, because enterprises and individuals have previously paid, more than likely the prices will increase. There have been cases where the ransom was paid, the data was unlocked, and then the victim was hit again. Paying to unlock one or more machines in your organisation doesn't provide immunity from a threat that could be spreading in your environment. Our advice has always been: don't pay.