A Look Ahead at IoT in 2022
This last year was no exception when it came to the threats to IoT and other connected devices. Across many factors, the risk posed to connected devices has only increased alongside adopting the same. Toward the end of 2018, there were an estimated 22 billion IoT devices online, and that number is expected to exceed 50 billion by 2030. At home, we are adopting connected devices at a breakneck speed. According to Economic Times, they estimated ten connected devices per household in the end of 2020 and expected to grow to 50 devices by the time this year is over. Add to this that in 2022 worldwide spending on IoT and other connected devices will exceed $1 Trillion.
Ransomware and Malicious Actors
There has been little movement to better secure or regulate these ubiquitous devices despite the growth in numbers. As the attack surface of connected devices grows, so will attacks. We can expect a steadily increasing amount of ransomware and other attacks in the coming year, just like we have seen for many years running. IoT devices provide a very tempting attack surface for malicious actors. A significant number of connected devices have default services and passwords that run automatically, making them an easy target to enter into your corporate network and distribute ransomware or exfiltrate sensitive data.
Way back in 2017, it was estimated that 127 new devices are connected to the internet every second. Five years later, we can only surmise that number has grown to match the increased adoption of these devices. With devices being added at such a pace, it is not a stretch to understand that most of these devices are simply plugged in and turned on with no security in mind. This is riskier for connected devices than for traditional endpoints because connected devices are designed to simply work when plugged in with little to no intervention from the person installing them. These devices are designed for convenience over security, and unless you take active steps to change this, each new device dramatically increases the risk to the network.
What Can Be Done?
IoTSecure had been working for years to help deal with precisely these issues. We created the IoT Security Appliance (IoTSA) in two formats: the IoT-mini (a free, plug-n-play IoT security solution for 1 network) and the IoT-max (for enterprises). These security appliances are designed to fill in the gaps in the current vulnerability scanning and asset management software and programs that most organizations use today. With the IoTSA on your network, it will crawl around and find devices that cannot be managed by traditional management programs like Active Directory or endpoint protection agents. The IoTSA, after categorizing and inventorying the devices, will then check each unmanaged device for threats. These threats frequently present as default passwords or services running that are vulnerable to attack.
The IoT security solutions are designed to complement your current programs and, as such, will allow you to ingest and use the information provided by our platform in any way you see fit. For example, feed the data into your NAC for IoT device control or into your SIEM for your SOC/NOC to monitor or have it send alerts to your ticketing system or helpdesk whenever a vulnerable device is discovered.
Find & Identify Your IoT Devices and Vulnerabilities in 5 Minutes. Free to Try & Keep on 1 Network