The Internet of Things has become one of the most important technology trends in recent years. It finds its way into our households and everyday life and plays at least as important a role in the industry. What is hidden behind the term and what you need to know about security risks and measures to protect against attackers can be found in the following article.
Definition: What Is The Internet Of Things?
The Internet of Things (IoT) refers to a network of physical objects. These objects (“things”) can be either a refrigerator from your household or a complex industrial robot.
The special thing about these objects is that they are equipped with sensors, software and other technologies that enable them to exchange data with other systems and devices via the Internet and link them.
This description makes the core issues of the Internet of Things clear. It is about physical objects that receive a certain “intelligence” through sensors and software and communicate and collaborate via the Internet.
Goals Of The Internet Of Things
The Internet of Things can have different goals. The goals vary depending on the IoT application. The focus is on a certain form of optimization for all goals.
A few target values are listed below.
- Convenience: One goal of the IoT application is that the technology increases the user’s comfort. Because the Internet of Things can relieve us of unpleasant and, in particular, repetitive work.
- Efficiency: Another goal of the Internet of Things can be to increase efficiency. It can be achieved in several ways. Reducing human error can also increase efficiency, as can automatic information transfer between IoT devices.
- Increased security: The IoT examples below from the industry show another possible goal: increasing security. With IoT devices, safety-relevant technical errors (such as incorrectly tightened screws) can be minimized, or work can improve safety.
The boundaries between real and virtual worlds gradually reduce to perhaps even eventually dissolve completely, which can be seen as an overarching goal of the Internet.
In practice, this would mean that every real object becomes part of the Internet of Things and continuously makes its status information available on the Internet within the framework of networking.
Application Examples In Practice
In the Internet of Things, a distinction is made between two target groups: the IoT for consumers and the IoT for the industry. To distinguish the two areas even clearer, the Internet of Things is often referred to as the Industrial Internet of Things (IIoT) in the industrial sector. Following the theoretical consideration, you will find a few concrete application examples from both fields of application:
- Fitness wristbands/fitness trackers: Measured data such as the number of steps and pulse rate are transmitted to the smartphone and evaluated there.
- Smart cars: a car does not have to drive autonomously to be part of the Internet of Things. As soon as you use, for example, an intelligent navigation system that takes the traffic situation into account or one of the numerous assistance systems, we are already talking about the Internet of Things.
- Smartphones: Depending on the type of use, smartphones are also part of the IoT. If you control other devices (e.g. your light or your coffee machine) with your smartphone, you are already on the move in the Internet of Things.
- Maintenance monitoring: The maintenance requirements of robots are checked with the help of sensors. This monitoring enables repairs to be initiated before defects occur.
- Determining the position of a cordless screwdriver: The “Track and Trace” project by Bosch, Cisco, National Instruments and Tech Mahindra makes it possible to locate a cordless screwdriver very precisely within a workshop. The recorded position then ensures that the correct torque is selected for the corresponding task. For example, safety-relevant screws are automatically tightened with the precisely prescribed force.
- Wearables: Wearables are not only an issue in the private area of the Internet of Things. The steel producer North Star BlueScope Steel equips its employees in the IIoT area for occupational safety with “intelligent” helmets and wristbands. In this way, the safety of employees is to be monitored, and dangerous situations to be recognized in good time. In addition, parameters such as body temperature, pulse and activity level are tracked, enabling breaks to be tailored to suit requirements.
Technologies Behind The Internet Of Things
After looking at what the Internet of Things can look like in practice, we would now like to show you which technological advances have made the Internet of Things possible. Access to cost-effective and energy-saving sensor technology is an important factor. This made it possible for a larger number of manufacturers to work in the IoT environment. In addition, the end products have become cheaper, which means that they can address a large group of buyers.
The increased availability of cloud computing platforms is also contributing to IoT development. It enables companies and consumers to access the infrastructures they need to be able to scale up. The administrative effort for the user or the company is kept low.
Products like Alexa also show the influence of artificial intelligence (AI) on IoT technology. Because only AI enables, for example, the processing of natural language, which has had a particularly positive impact on use in the private sector.
The further spread of the Internet of Things is additionally supported by the expansion of 5G, as 5G offers both the required speed and can cope with the steadily increasing volume of data traffic.
Risks Of The Internet Of Things
As previously described, more and more devices are being networked through the Internet of Things. However, this networking creates new security risks.
What Is A Botnet?
A botnet is a collection of hacked devices connected to the Internet. They serve as a multiplier for individual attackers. Often, such botnets aim to disrupt their victims’ systems, completely paralyze them or gain access to them.
You may now ask yourself: What are the effects of such hacker attacks in the IoT environment? Compared to attacks on the classic IT network, attacks on IoT devices can have far more dramatic results. A successful attack could paralyze a completely networked production or, in the worst case, even cost human life if, for example, a robot can no longer be controlled or a connected car is manipulated.
Problems Securing IoT Devices
- The Starting Point For Protection: The fundamental problem is that many lack the starting point for protecting IoT devices. Particularly in the private sector, it is often unknown that IoT devices need to be secured, and even if it is known, the specialist knowledge to carry out protection is missing.
- Lack Of Update Option: It should also be kept in mind that the price for many IoT devices is very low. When it comes to items in the cent range, an update option for security updates is usually not even provided. If the manufacturer does provide this option, the security updates are rarely delivered over the entire lifecycle of the product.
- Classic Firewalls Are Not Enough: Even the classic firewall is often not the right solution for securing the IoT network. Because compared to “classic” IT, there is not only traffic from the own network to the outside and from outside into the own web in production, for example. There is also data traffic between the individual machines. With this form of communication, the classic perimeter concepts with firewalls no longer apply. Therefore the data traffic between the devices should also be secured.
- Low Computing Power: The low computing power of IoT devices is another problem. Security tools that work on computers can, therefore, in many cases, not be installed. Patches and updates can usually not be imported without any problems.
- Difficult To Determine Irregularities In Communication: While other technologies use static models to assess deviations from “normal communication”, these models cannot be used for IoT devices due to the irregular communication patterns. Because data patterns that are indications of an incident or attack in a conventional IT infrastructure can be completely normal behavior in an IoT infrastructure.
In addition, it should be made aware that security gaps in IoT devices can also give possible hackers access to the secured networks. It would help if you, therefore, thought about how to confirm them before integrating IoT devices.
How To Secure The IoT
The following measures give you an insight into how you can secure your IoT.
- Developing Guidelines: Before IoT devices can be integrated into your company network, you should draw up security guidelines. The guidelines should initially refuse everything, and only checked topics are released via the procedure. When creating such policies, it is important to know each IoT device that needs and what type of data it is transferring.
- Restrict Access Options: Websites such as Shodan make it possible to find targeted IoT devices. This is one of the reasons why IoT devices should not have direct access to the Internet. Instead, IoT devices should be placed in separate networks or virtual LANs and should not have access to critical resources (unless necessary).
- No Standard Passwords: The Mirai botnet mentioned above used traditional credentials against more than 500,000 devices. This clearly shows once again how important it is to use secure passwords for IoT devices.
- Keep Up To Date: Updates and patches should be installed regularly to keep the machines updated. The manufacturer should not only provide updates and patches but should also be provided with a digital signature. This is to ensure that the update process is not falsified and damaged files get into your system.
- Engage And Train Employees: To be complete, you also need to train your employees. In training, you should provide information about guidelines and measures and explain the steps’ reasons.
Outlook: Our Future Will Be Based On Data
The Internet of Things will change the future. It has already done so in many areas. The examples described above show that The Internet of Things has long since found a place in our everyday lives and our companies.
While 30 billion networked devices are assumed for 2020, the forecast for 2025 is significantly higher. More than twice as many IoT devices, namely 75 billion, are forecast for 2025. These figures make it clear that the Internet of Things will continue to grow strongly.
The strong growth is not surprising when we consider that the future of the world will be data-based. Data is known as the oil of the end, and we all know how great an impact oil has had on civilization over the past few decades. Jobs from the data science environment are also being sought more and more to make sensible use of the amount of data. The Internet of Things fits in perfectly with this change.
What does that mean for the future? We will probably live in smart cities, be treated in smart hospitals and get around with connected cars. But how extensive this change will be and how quickly it will progress remains to be seen.