With the Internet of Things (IoT) gaining a lot of traction and more connected devices have been included in almost every aspect of life, including homes, offices, cars and even wearable devices, the global IoT security has become a big concern, but also a big market.
According to the most common definition, the Internet of Things (IoT) is basically a network of physical devices, vehicles, home appliances and any other device with embedded electronics, sensors, software, and network connectivity, which allows that same device to connect and exchange data. According to some reports, IoT is expanding at an incredible rate and is expected to reach about 30 billion devices by 2020.
Due to a massive surge and the fact that these are relatively new devices, security was never a primary focus for the Internet of Things devices, usually leaving them with older embedded operating systems and software, leaving them vulnerable to attacks. The fact that consumers also leave those devices with default passwords does not help either.
Although network security experts have been issuing warnings regarding the potential risk of a large number of unsecured devices connected to the Internet, this did not change the security of those devices, which eventually led to some of the first IoT botnets, mostly made of simple devices like smart TVs, video surveillance cameras and DVRs, and other household appliances.
One of the biggest attacks that hit the Internet service provider Dyn was done by IoT botnet Mirai, which was said to be compromised of over 1.2m devices in late-2016 which included IP cameras, digital video recorders, other IoT devices and even routers, bringing down the sites of some big names like Twitter, GitHub, Reddit, Netflix, Amazon, AirBnB, Spotify and others.
Recently, there has been a word of an even bigger and more dangerous IoT botnet, currently known as IoT Troop or Reaper, which is based on Mirai code but also uses known security flaws in some devices, rather than just default passwords.
A big risk also led to an expansion of IoT security market, which, according to a fresh report available at Research and Markets, was estimated at US $5.964 billion in 2015 and could reach US $26.951 billion by the year 2020.
One of the big names in cybersecurity, Bruce Schneier, has proposed a creation of a government regulation of IoT, due to the fact that both IoT manufacturers and customers simply do not care about the security of Internet-connected devices. Bear in mind that the recent Gartner report suggests that there are over 8.4 billion IoT devices in use in 2017, with that number reaching 20.4 billion by 2020.
Most relevant IoT security technologies
According to Forrester Research report, recently released on Tech Radar, there is no single security technology that can secure IoT, but rather a combination of new and existing technologies could help secure IoT deployments.
Some of the most common IoT security technologies include general IoT network security, with antivirus and antimalware protection, firewalls, intrusion detection systems, intrusion prevention system and others, IoT authentication, IoT encryption, IoT authentication, IoT public/private key infrastructure (PKI), IoT threat detection, IoT blockchain and IoT security analytics.
Most reports, as well as known security and network companies, agree that while these security technologies might work the continued evolution of IoT-specific security threats needs to drive the innovation in security technologies.