2015: IoT becomes the Internet of Threats

by

1 January 2015
Internet of Threats

IoT becomes the Internet of Threats

Hackers will continue to follow the path of least resistance as more and more devices are connected to the network. Vulnerabilities that Black Hat hackers will look to exploit will include consumer home automation and security systems, as well as webcams, which we are already beginning to see. On the enterprise side, network attached storage and routers will continue to be targets, as will critical infrastructure such as human machine interfaces (HMI) and supply chain systems, which will create significant problems with third-party components and patch management. - Fortinet 2015 Threat Predictions 

Things get a lot more complicated

The IoT will bring into the digital security architecture dozens of new platform options, hundreds of variations on hybrid IT/IoT integration and new standards per industry. IT leaders will have to accommodate the differences in technologies across those areas and develop a multifaceted IoT security approach that addresses the entire attack continuum - before, during, and after an attack. - Padmasree Warrior, chief technology and strategy officer, Cisco 

IAM bifurcates

The IoT has introduced new concepts for identity management, since every device interacting with users has an identity — and users and devices can have complex, yet defined, relationships. IAM, as defined today, will bifurcate with identity management assuming a broader entity relationship management role, and access management assuming a broader relationship execution role that replaces or supplements authentication policy and authorisation enforcement. - Earl Perkins, research vice president, Gartner 

Encryption skyrockets

We will see encryption and information privacy converge to become common practices. Today, only 10 percent of traffic to and from one billion websites is encrypted. This is a huge vulnerability - and an enormous potential for growth in encrypted network traffic. - Fortinet 2015 Threat Predictions 

Beware Blastware

This destructive new trend of malware, following Scareware and Ransomware, could lead to the ability for hackers to infiltrate systems, gather data and then wipe out the information on systems and hard drives to cover tracks and thwart forensics. Advanced persistent threat (APT) developers will build in sophisticated self-destruct mechanisms in seek and destroy fashion that could hamper law enforcement and forensics efforts as these resources increase to fight cyber crime. Hackers may also seek to use these tactics for ransom – i.e. to destroy data if ransom isn’t paid in a certain timeframe. - Fortinet 2015 Threat Predictions 

Attention swings to endpoints

Unlike servers, endpoints will always remain physical, and they need to be highly available as well. IT will wake up to the fact that after years of investing in protecting the data centre, attention needs to swing to endpoint protection. - Don Williams, vice president, Asia Pacific, Veeam Software 

Towards context-aware security

Ubiquitous embedded intelligence combined with pervasive analytics will drive the development of systems that are alert to their surroundings and able to respond appropriately. Context-aware security is an early application of this new capability, but others will emerge. By understanding the context of a user request, applications can not only adjust their security response but also adjust how information is delivered to the user, greatly simplifying an increasingly complex computing world. - David Cearley, vice president of Gartner and Gartner Fellow