The rise of IoT has brought with it another evolution in malware. The increasing number of hacker attacks through malware (Thingbots) is an entirely new problem that’s being enabled by the high number of inadequately protected IoT systems flooding the market.
While making a presentation on Internet of Things during the IoT and AI Summit in Nairobi, Karein Borheim, CEO FABS noted that Thingbot is a device with an embedded system and an Internet connection that has been co-opted by hackers to become part of a botnet of network which is composed of infected IoT devices. Hackers use this malware to compromise security for IoT.
“In a digital network where millions of IoT devices communicate over the Internet, security has to be built throughout the system with the things, edge, network and applications. IoT will be the cyber-weapon delivery system of choice and the infrastructure for darknet.” Karein Borheim, CEO FABS.
Essential IoT security practices include:
Encrypting devices. The smallest unit, the microchip, has to be intelligently encrypted using a separate key for each device. This is the only reasonable way to repel hacker attacks aimed at stealing access credentials.
Providing security updates. Utilize a platform that provides the ability to install software updates on IoT devices, including security patches. This has not been a common practice for consumer products, and we are now paying dearly. If you consider that firewalls and antivirus programs on your home notebook run full time to prevent attacks, the lack of similar protection in the IoT world is an absurd and highly dangerous situation. The responsibility of updating IoT enabled devices is the burden of every single user of this technology.
Integrating intelligent gateways. User data should be transmitted from the end device to an intelligent gateway that is encrypted. IoT urgently requires monitoring of enormous data streams and more intelligent defense mechanisms such as deep packet inspection.
Strengthening cloud security. An essential component of IoT security is security in the cloud. Customers need to know that the personal data their home IoT devices send to the cloud is under the best of care.
Providers of highly networked IoT technology must be sensitive to the issues of IT security, data protection, and data sovereignty. “Safety first” is therefore a must in the age of IoT so that the Internet of Things, and the great ideas behind it, does not degenerate into the Internet of Thieves