Internet of Things (IoT) CYB 600 Cyber Security Technology Professor: Contents History What is The Internet of Things (IoT)? Challenges of IoT Devices Potential Risks of Samsung Smart Homes Common Targets Categories of Risk Malicious Attacks Minimizing Risk Countermeasures Risk Management Applications Questions References History By the year 2013, the Internet of Things had evolved into to a system using multiple technologies One of the first examples of the early 1980s, and was a Coca Cola machine Early 1980s 1999 The Internet of Things, as a concept, wasn’t officially named until 1999 2013 What is the Internet of Things? (IoT Samsung, Apple, Amazon, IBM, Cisco, Verizon, AT&T, GE, Honeywell, Nest, Garmin Smart TV’s, Smart watches, IP cameras, Smart washer and dryers, smart thermostats, water sprinklers, smart grills Challenges of IoT Devices Public Perception – in a study by Icontrol Networks called 2015 State of the Smart Home They found that over 44% of all Americans were “very concerned” about the possibility of their information getting stolen from their smart home While 27% were “Somewhat concerned” Challenges of IoT Devices Vulnerability to HackingResearchers with enough effort and time have been able to hack into various devices. This means that hackers can also do the same thing. An example of this, a team of researchers at Microsoft and the University of Michigan found numerous vulnerabilities in Samsung’s SmartThings smart home platform and found they were easy to break Challenges of IoT Devices • • • Are companies ready to secure IoT’s?- A report done by AT&T’s Cybersecurity team surveyed about 5000 companies Found that 85% are in the process of deploying or intend to. But only 10% feel that they could adequately secure those devices against attack Challenges of IoT Devices • • True Security – Jason Porter, AT&T’s VP of Security Solutions, told BI Intelligence, Business Insider’s premium research services, that securing IoT devices means more than simply securing the actual devices themselves. Companies also need to build security into software applications and network connections that link to those devices. Potential Risks of Samsung Smart Homes Smart locks controlled by the SmartThings Hub could be unlocked, allowing for physical access to the home Cameras deployed within the home could be used to remotely monitor occupants The motion detectors used by the home alarm system could be disabled Attackers could cause physical damage to appliances or other devices connected Common Targets Computer Systems Network Components Software Electrical Systems Databases Black-hat Hackers, Whitehat Hackers Categories of Risk Three Main Categories Of Network Security Risk Are: Reconnaissance Eavesdropping Denial of Service Also May Affect Security Of The Network Itself Malicious Attacks U.S and China Top Countries of Origin of Cyber Attacks (41/10%) Types: Fabrications, Interceptions, Interruptions, Modification Active Threats- Brute Force, Masquerading, IP Address Spoofing, Session Hijacking, Passive ThreatsEavesdropping, Monitoring Minimizing Risk Viruses Are the Most Common and Frequent Type of Attack Anti-malware Software is the Most Effective Method of Countering a Virus Attack. Transitive Attacks, Customer Data, IT and Network Infrastructure, Intellectual Property Worms: Trojan Horse, Rootkit, Spyware Easiest Targets Are Users Who Are Unaware of the Security Threats Countermeasures Countering malware: Install anti-malware software: Use secure logon and authentication process Protecting system with firewalls Risk Management RISK IS THE PROBABILITY THAT AN UNCERTAIN EVENT WILL AFFECT ONE OR MORE OF YOUR RESOURCES: ASSETS SUCH AS INTELLECTUAL PROPERTY, INFRASTRUCTURE AND FACILITIES, PERSONAL IDENTIFIABLE INFORMATION RISK EQUATION: RISK= THREATS X VULNERABILITIES RISK=( FREQUENCY OF EVENT) X (LIKELIHOOD THAT SPECIFIC THREAT WILL SUCCEED) ORGANIZATIONS SHOULD BE ABLE TO IDENTIFY AND ADDRESS RISKS BEFORE EVENTS OCCUR SHOULD ALIGN SECURITY WITH BUSINESS OBJECTIVES FOR SUCCESSFUL RISK MITIGATION Applications • Consumer Applications • Commercial Application • Industrial Applications • Infrastructure Applications Questions References: security & privacy Retrieved from https://www.businessinsider.com/internet-of-thingssecurity-privacy-2016-8 Meola A. (2018, May 18) What is the Internet of Things (IoT)? Meaning and Definition Retrieved from: https://www.businessinsider.com/internet-of-thingsdefinition