Keeping An Eye On IoT

Our devices may be able to track our every move, but behind the scenes, experts are working hard to ensure that cyber criminals do not gain access to this information.



What the hack

Despite IoT gateways offering additional layers of protection, things can (and do!) go wrong. Many smaller devices, like those that collect temperature or humidity data within houses, are considered IoT risks as they are unable to run encryption algorithms that ensure only authorized parties can access certain data. This means attackers can infiltrate an entire network through a single chink in the armor.

Typically, hackers begin their infiltration of these devices using Shodan.io, a search engine designed to discover internet-connected devices. In many cases, networks are unprotected, with either a default username and password, or no password at all. Experienced hackers can make quick work of such vulnerabilities to insert malicious code or attack other devices in the network.

In 2016, a major broadband network in Singapore suffered a Distributed Denial of Services (DDoS) attack, resulting in two waves of severe disruptions over one weekend. Apparently, hackers had gained access through compromised IoT devices, namely customer-owned webcams and routers.

In such attacks, web servers are overwhelmed with massive amounts of data—causing them to crash. Using a group of connected computers called botnets, hackers simultaneously spam website or service providers.

To control such a huge number of computers, hackers use malware or unprotected accounts to access multiple users’ systems and create a botnet. With the steady proliferation of IoT devices, it is expected that the total number of DDoS attacks worldwide will reach 15.4 million by 2023.

Jill Arul graduated with a degree in Communication Studies from Nanyang Technological University, Singapore, with a keen interest for science and a passion for storytelling.

Related Stories from Asian Scientist