Cybersecurity is a hot-button issue moving into 2020. Much of this is fueled by security threats posed by the influx of unsecured devices. The Mirai botnet DDoS attack of 2016 showed the fatal flaws in these connected devices. Statista Research estimates the number “things” connected to the Internet of Things (IoT) will triple from 26 billion in 2019 to 75 billion by 2025.
To put that in perspective, the global population is steadily creeping toward 8 billion. With Gartner reporting, 65% of enterprises using IoT devices, it’s clear that IoT security challenges are taking center stage in the 2020s.
How IoT Differs from Traditional Internet
IoT is the collective name given to internet-enabled devices. Everything from industrial machinery to smart cars, smart home devices, and wearables are included. Many of these devices use sensors and machine-to-machine (M2M) communication through Wi-Fi, RFID, NFC, and Bluetooth to bypass human intervention.
For example, Amazon’s Key in-home delivery service uses smart sensors to allow delivery drivers to unlock your door or garage while you’re not home. This reduces the likelihood of package theft, but these same smart devices can become security vulnerabilities.
A 2019 report from security firm Zscaler found 91.5% of IoT data transactions on corporate networks are unencrypted. This exposes both the devices and the networks they’re on to man-in-the-middle (MitM) and other attacks. Making matters worse, IoT devices don’t run Windows or MacOS, so they’re often excluded from antivirus, antimalware, and other vital security updates.
It’s inevitable that more breaches will occur in 2020.
The New Frontier of Cyber Security
Researchers are heavily focused on understanding the breadth of IoT security challenges faced in the coming years. There are two basic categories of cyberattacks against IoT devices: IoT-targeted and IoT-powered.
In IoT-targeted attacks, hackers specifically focus on security vulnerabilities in IoT devices. McAfee security researchers found smart appliances, like the internet-enabled Mr. Coffee machine, are often fully-featured Raspberry Pi machines running a barebones Linux OS. Once these smart appliances are compromised, the attackers have full access to monitor and intercept all network data.
Targeting IoT devices is more likely to be successful than a manned workstation with regularly updated security patches. It’s a crime of opportunity that targets both consumer and enterprise users.
With IoT-powered attacks, the devices are already compromised. Software has been installed on the device, and it can now be used to power a botnet. This is what happened in 2016 when the Mirai botnet destroyed half the internet by overpowering Dyn. Mirai was powered mostly by unsecured DVRs and IPTV cameras, and the open-source code was released to the public.
Mirai gets about as many updates as Windows, and its code has been used to create Torii in 2017 and Satori in 2018. These botnets leverage home IoT devices to create a supercomputer capable of performing targeted distributed denial-of-service (DDoS) attacks.
It’s not just cyberattacks – IoT security challenges involve GDPR compliance and other government regulations, too. That’s why companies are increasingly implementing advanced technologies, like blockchain and artificial intelligence (AI), to combat emerging threats and maintain compliance.
2020 Cyber Security Trends
1. Increased Cyber Security Budgets
American CEOs continue citing cybersecurity as the number one “external concern” in every industry. Cyberattacks occur an average of twice a minute, and the victim cost is expected to reach $6 trillion by 2021. This led to spending increases of 141% from 2010 to 2018, culminating in $124 billion spent on cybersecurity in 2019. This number will continue rising in the 2020s.
2. Automation and Machine Learning (ML)
AI is increasingly being used by both cyberattacks and defenses against them. These self-updating algorithms analyze large amounts of big data to find anomalies and vulnerabilities continuously. By the end of 2020, it’s unlikely that businesses lacking AI/ML antimalware capabilities will be able to compete.
Blockchain technology and cloud computing enable new ways of storing, processing, and accessing data. Spending on cloud-based services is steadily increasing, with a 17.5% growth in 2019, according to Gartner. Startups like IOTA created blockchains specifically targeted at IoT devices to create a secure digital ledger recording all M2M transactions across the cloud.
These technologies combine to create a dominant defense against cyberattacks.
Moving Forward in the IoT Age
Cybersecurity in 2020 will be almost entirely focused on IoT security challenges. With most connected devices now communicating without human intervention, it’s vital that security remains a primary concern. An unsecured device like a smart light, or even the breakroom coffee machine, can quickly become the nail in a company’s coffin.
Contact a Donnellon McCarthy Enterprises account manager today to learn how to protect your business from cyberattacks in 2020 and beyond.