BARCELONA, Spain -- Cyber attackers are turning their attention to the growing Internet of Things (IoT) space and exploiting potential security vulnerabilities at an alarming rate. According to a report on IoT security commissioned by AT&T, the company has seen a 458 percent increase in vulnerability scans of IoT devices in the last two years.
That figure is likely to increase as more and more companies deploy IoT solutions while neglecting to fully consider the security measures that need to be added to address IoT vulnerability. According to the company's CyberSecurity Insights study, 85 percent of the 5,000-plus companies surveyed say they are considering an IoT strategy, but 88 percent said they lack full confidence in the security of their business partners' IoT devices. Only 12 percent are highly confident in IoT security and approximately 68 percent plan to invest in IoT security in 2016.
One common cyber attack involve attackers reverse engineering firmware, such as that in home security cameras. When this happens, the attacker can get access to the cameras' IP address from a file-sharing website and can take over the cameras' streaming video links giving them access to the camera's video feed.
In an interview with FierceWireless during the Mobile World Congress, AT&T president of Security Solutions Jason Porter said that enterprises need to be much more aware of how vulnerable their data is when an IoT strategy is implemented.
"Companies need to do a risk assessment and figure out what are their 'crown jewels,'" he said. For many that is their customer data and proprietary data. Once their priorities are in place, they can build a security plan.
However, Porter noted that many organizations are overwhelmed by the amount of work a security plan requires, particularly smaller companies. "They need help and want a solution," he said.
Porter added that AT&T's Domain 2.0 program, which emphasizes the virtualization of its network, has helped the company become more adept at identifying and stopping security attacks. "Virtualization helps automate some of those basic tasks like updating policies so our security team can spend their time looking for new threats."
Telefónica flags IoT security risk, calls for common standards
IDC: Global spending on IoT to reach $1.3T in 2019
Sigfox notches up 12th market as it rolls out IoT network in Ireland
Verizon follows AT&T and picks Ericsson LPWA software for IoT
CCS Insight: Wearables and connected home among dominant themes at CES
Telefónica, MTN announce strategic partnership