IoT usage could lead to more state-sponsored attacks

credit: Jirsak via iStock

The emergence of the Internet of Things (IoT) as an everyday technology for many businesses could lead to more organisations being left vulnerable to sophisticated hacking attacks perpetrated or sponsored by nation states.

This is according to security professionals surveyed by Armis at a recent Black Hat conference in Las Vegas. In found 93 per cent of respondents agreed that the future of IoT will be more dangerous as the new wave of connected devices opens up opportunities for state-sponsored actors to exploit, ZDNet reports.

Energy and utilities was thought to be the industry most at risk as a result of IoT vulnerabilities, with nearly a quarter of respondents (23 per cent) identifying these companies as vulnerable.

This was followed by healthcare organisations (17 per cent) and the financial sector (15 per cent). Smart city networks, connected vehicles and medical devices were among the IoT devices that could be tempting targets for these state-sponsored hackers.

Previous estimates by Gartner have suggested that by 2020, a quarter of attacks against corporate targets will involve IoT devices, but nearly six out of ten security professionals (59 per cent) at the Black Hat conference believed that figure to be too low.

Armis stated: "It's clear that security professionals are beginning to realise that risky unmanaged devices are increasingly dotting their environments. But the survey shows they don't feel as prepared as they should be to address the risk, and they see more attacks on the horizon."

The biggest challenge identified in IoT security is vulnerabilities, which were highlighted by 38 per cent of respondents. Meanwhile, an inability to patch firmware was named as a concern by 36 per cent of professionals, while 17 per cent said IoT devices that cannot be protected by traditional cyber security tools is a problem.

To address these issues, a quarter of security pros said effective network segmentation was the key to success. Additionally, implementing network access controls (21 per cent), bolstering firewalls (21 per cent) and adding endpoint protection (20 per cent) were all named as among the mitigation strategies respondents expect to use in the coming years.