Tuesday, 21 February 2017 16:14

Three groups threaten IoT devices, says expert


Attacks on Internet of Things devices and infrastructures are likely to stem from three groups, with each having of cyber crime and motivated by its own goals, according to Simon Howe, director of sales for ANZ at LogRhythm, a leading security information and event management company.

“Companies are investing heavily in drones, planning to use them for anything from remote monitoring of assets to the delivery of products to end users,” Howe told iTWire in an interview.

“Like driverless cars, smart grids, and smart homes that can be remotely controlled, IoT is an increasingly attractive target for criminals who could use them to create damage and disruption.”

Howe said the first group that would attack IoT devices and infrastructure was organised crime groups that operate globally and have become highly skilled in cyber crime. They have attacked everything from bank ATM networks and company IT systems to retail and government systems. The motivation was financial gain.


Howe said the second was state attacks — foreign governments — intent on gaining a political or economic advantage. "There have been instances of government-sponsored attacks that have targeted vital infrastructure in other countries and this is likely to increase as IoT infrastructures grow. The motivation is knowledge and therefore power."

And, he said, the third was terrorist groups. These were an emerging threat, but were seeking ways to exploit vulnerabilities and cause disruption, panic and loss of life.

Howe said IoT represented a huge potential attack surface for cyber criminals, because of the vast number of connected devices and because many were developed with little attention paid to security.

"Many connected devices are small and basic; that means they don't have a lot of extra processing capacity or network bandwidth resources. They simply cannot support sophisticated security software on the device as is the case with computers or mobile handsets. Add the fact that they are spread across large areas with little hope of physical management and things become even trickier," he said.

But he pointed out that while these factors may make the IoT security challenge seem impossible, one should realise that these devices were still just computers. They lacked the capabilities of PCs but still had an operating system, a user interface and a network connection.

"The devices also produce streams of data, which can be particularly useful when trying to improve their security. There is significant potential to extract this data, analyse it remotely, and use the results to detect anomalous activity," Howe said.

"The techniques used here can be like those used in other areas of IT security. These include log management, networking monitoring, forensics and endpoint monitoring, all of which are valid in an IoT world."

Howe said achieving effective IoT security meant connecting many security tools and streamlining and automating their function. This approach, dubbed Security Automation and Orchestration (SAO), ensures security can be scaled to cover hundreds of millions or even billions of connected devices.

"Rather than trying to install agents on every device, an SAO approach can allow traffic from each to be analysed automatically by tools. If there is any activity that deviates from an established baseline — let’s call it 'known good' — an alarm can be triggered that leads to further investigation by a human," he said.

"A standardised approach like this allows more efficient collaboration between teams and even different organisations. Details of threats identified in one area can be quickly shared with others to assist them with enhanced security."
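The agentless baseline check Howe describes, sketched as an added example that is not from the article or from LogRhythm: per-device "known good" endpoints and traffic volumes are learned from flow records, and any deviation becomes an alarm for a human to investigate. The flow records, device names, hostnames and the tolerance value are constructed assumptions.

```python
import statistics
from collections import defaultdict

# Constructed flow records: (device_id, dst_host, dst_port, bytes_sent).
BASELINE_FLOWS = [
    ("cam-01", "nvr.example.internal", 554, 48_000),
    ("cam-01", "nvr.example.internal", 554, 51_000),
    ("cam-01", "nvr.example.internal", 554, 49_500),
    ("meter-07", "mqtt.example.internal", 8883, 1_200),
    ("meter-07", "mqtt.example.internal", 8883, 1_150),
    ("meter-07", "mqtt.example.internal", 8883, 1_300),
]
OBSERVED_FLOWS = [
    ("cam-01", "nvr.example.internal", 554, 50_200),    # within baseline
    ("cam-01", "nvr.example.internal", 554, 900_000),   # volume spike
    ("meter-07", "203.0.113.50", 443, 400),             # never-seen endpoint
    ("plug-99", "mqtt.example.internal", 8883, 1_000),  # unenrolled device
]

def build_baseline(flows):
    """Learn, per device, the 'known good' endpoints and their byte volumes."""
    baseline = defaultdict(lambda: defaultdict(list))
    for device, host, port, nbytes in flows:
        baseline[device][(host, port)].append(nbytes)
    return baseline

def check_flow(baseline, flow, tolerance=3.0):
    """Return the alarm reason for one observed flow, or None if it fits."""
    device, host, port, nbytes = flow
    if device not in baseline:
        return "unknown device"
    history = baseline[device].get((host, port))
    if history is None:
        return f"new endpoint {host}:{port}"
    median = statistics.median(history)
    # Median absolute deviation, floored at 10% of the median to absorb jitter.
    mad = statistics.median(abs(v - median) for v in history)
    if abs(nbytes - median) > tolerance * max(mad, 0.1 * median):
        return f"volume {nbytes}B vs median {median:.0f}B"
    return None

def triage(baseline, observed):
    """Group alarm reasons by device for a human analyst to investigate."""
    alarms = defaultdict(list)
    for flow in observed:
        reason = check_flow(baseline, flow)
        if reason:
            alarms[flow[0]].append(reason)
    return dict(alarms)
```

Calling `triage(build_baseline(BASELINE_FLOWS), OBSERVED_FLOWS)` returns one alarm each for the spike, the new endpoint and the unknown device, and nothing for the in-baseline flow.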


Howe said that early detection and neutralisation of threats was critical to ensure security was maintained within IoT infrastructures. Organisations needed to ensure they could quickly respond to threats before damage or losses occurred.

"By taking a structured and thorough approach to security now, organisations can be confident their usage of IoT can deliver significant business benefits without causing any new potential areas for cyber criminals to target in the future," he said. 



Ray Shaw


Ray Shaw has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT-based radio program on ABC radio for 10 years, has developed world-leading software for the events industry and is smart enough to no longer own a retail computer store!


