Three groups threaten IoT devices, says expert

Attacks on Internet of Things devices and infrastructures are likely to stem from three groups, with each having of cyber crime and motivated by its own goals, according to Simon Howe, director of sales for ANZ at LogRhythm, a leading security information and event management company.

"Companies are investing heavily in drones, planning to use them for anything from remote monitoring of assets to the delivery of products to end users," Howe told iTWire in an interview.

"Like driverless cars, smart grids, and smart homes that can be remotely controlled, IoT is an increasingly attractive target for criminals who could use them to create damage and disruption."

Howe said the first group that would attack IoT devices and infrastructure was organised crime groups that operate globally and have become highly skilled in cyber crime. They have attacked everything from bank ATM networks and company IT systems to retail and government systems. The motivation was financial gain.


Howe said the second was state attacks — foreign governments — intent on gaining a political or economic advantage. "There have been instances of government-sponsored attacks that have targeted vital infrastructure in other countries and this is likely to increase as IoT infrastructures grow. The motivation is knowledge and therefore power."

And, he said, the third was terrorist groups. These were an emerging threat, but were seeking ways to exploit vulnerabilities and cause disruption, panic and loss of life.

Howe said IoT represented a huge potential attack surface for cyber criminals, because of the vast number of connected devices and because many were developed with little attention paid to security.

"Many connected devices are small and basic; that means they don't have a lot of extra processing capacity or network bandwidth resources. They simply cannot support sophisticated security software on the device as is the case with computers or mobile handsets. Add the fact that they are spread across large areas with little hope of physical management and things become even trickier," he said.

But he pointed out that while these factors may make the IoT security challenge seem impossible, one should realise that these devices were still just computers. They lacked the capabilities of PCs but still had an operating system, a user interface and a network connection.

"The devices also produce streams of data, which can be particularly useful when trying to improve their security. There is significant potential to extract this data, analyse it remotely, and use the results to detect anomalous activity," Howe said.

"The techniques used here can be like those used in other areas of IT security. These include log management, networking monitoring, forensics and endpoint monitoring, all of which are valid in an IoT world."

Howe said achieving effective IoT security meant connecting many security tools and streamlining and automating their function. This approach, dubbed Security Automation and Orchestration (SAO), ensures security can be scaled to cover hundreds of millions or even billions of connected devices.

"Rather than trying to install agents on every device, an SAO approach can allow traffic from each to be analysed automatically by tools. If there is any activity that deviates from an established baseline — let’s call it 'known good' — an alarm can be triggered that leads to further investigation by a human," he said.

"A standardised approach like this allows more efficient collaboration between teams and even different organisations. Details of threats identified in one area can be quickly shared with others to assist them with enhanced security."
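The agentless "known good" baseline check described above can be sketched as follows. This is an added example, not LogRhythm code; the device names, addresses, flow-record layout and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (device_id, destination, port, bytes_sent).
BASELINE_FLOWS = [
    ("cam-01", "10.0.0.5", 443, 1200), ("cam-01", "10.0.0.5", 443, 1350),
    ("cam-01", "10.0.0.5", 443, 1100), ("cam-01", "10.0.0.9", 123, 90),
    ("meter-07", "10.0.0.5", 8883, 300), ("meter-07", "10.0.0.5", 8883, 320),
    ("meter-07", "10.0.0.5", 8883, 310),
]
LIVE_FLOWS = [
    ("cam-01", "10.0.0.5", 443, 1250),       # matches known good
    ("cam-01", "203.0.113.40", 23, 400),     # destination never seen before
    ("meter-07", "10.0.0.5", 8883, 250000),  # known peer, abnormal volume
    ("pump-03", "10.0.0.5", 8883, 300),      # device with no baseline at all
]

def build_baseline(flows):
    """Learn, per device, the peers it talks to and typical bytes per peer."""
    sizes = defaultdict(list)
    for device, dst, port, nbytes in flows:
        sizes[(device, dst, port)].append(nbytes)
    baseline = defaultdict(dict)
    for (device, dst, port), values in sizes.items():
        baseline[device][(dst, port)] = (mean(values), pstdev(values))
    return dict(baseline)

def check_flow(baseline, flow, sigmas=3.0, floor=64):
    """Return an alarm reason for a flow, or None if it is within baseline."""
    device, dst, port, nbytes = flow
    if device not in baseline:
        return "unknown-device"
    peer = baseline[device].get((dst, port))
    if peer is None:
        return "new-destination"
    avg, dev = peer
    # floor keeps a near-zero deviation from flagging ordinary jitter
    if abs(nbytes - avg) > max(sigmas * dev, floor):
        return "volume-deviation"
    return None

def triage(baseline, flows):
    """Collect (device, reason) alarms for human investigation."""
    checked = ((flow[0], check_flow(baseline, flow)) for flow in flows)
    return [(device, reason) for device, reason in checked if reason]

if __name__ == "__main__":
    print(triage(build_baseline(BASELINE_FLOWS), LIVE_FLOWS))
```

Only the three deviating flows reach an analyst; the flow that matches the learned baseline is dropped without any software running on the device itself.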


Howe said that early detection and neutralisation of threats was critical to ensure security was maintained within IoT infrastructures. Organisations needed to ensure they could quickly respond to threats before damage or losses occurred.

"By taking a structured and thorough approach to security now, organisations can be confident their usage of IoT can deliver significant business benefits without causing any new potential areas for cyber criminals to target in the future," he said. 




Ray Shaw


Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

