IoT devices may have unexpected vulnerabilities

In recent years, devices with Internet of Things, or IoT, capabilities have become all the rage. From wearable tech like smartwatches to data inventory trackers implemented throughout a supply chain, the impact of the IoT revolution can not be understated. However, as these devices become prevalent throughout both daily life and business models, hackers will continue to find new ways to spread malware and steal data from them. With many devices being so new, cybersecurity experts are still finding the best ways to mitigate some common threats.

A growing problem
IoT devices make up a larger share of infections on mobile networks than ever before, according to a new report from Nokia, as reported by Security magazine. IoT infections currently make up almost a third of all infections, a staggering 100% increase from the year before.

The report, titled the Nokia Threat Intelligence Report 2020, highlights several possible reasons for the increase. Alongside the overall increase in IoT devices, a larger share are connected directly to the internet, rather than an internal network; a change the report attributes to the implementation of the 5G network. With connection to a wider network, an IoT-enabled device runs a larger risk of being compromised.

In addition to the rise of 5G availability, the Nokia report observed a sudden rise in threats to IoT devices coinciding with the beginnings of the COVID-19 pandemic, with the monthly infection rate increasing almost 30% over February and March. Experts believe this may be the result of all of the new networks that had to be set up quickly, and possibly with vulnerabilities, to allow for remote work.

Amongst the most common types of threats on the rise, the report lists Info-stealer, mobile spyware and trojans as hackers' infections of choice for IoT devices. Each type of threat has increased its share of total threats over the last year.

Playing catchup
While threats to IoT devices are clearly on the rise, figuring out how to respond isn't always as clear. One issue that cybersecurity professionals face is the wide variance code, and the differences between much IoT code and other devices. According to Giovanni Vigna, a professor of computer science at UC Santa Barbara, this poses a problem for developers of security software, according to the school's website.

"A lot of people think that we can take current security analysis and, with little effort, repurpose it for smart devices. After all, it's still code. But the vast majority cannot simply be repurposed… You actually need new approaches to be able to take this wide variety of targets and execute them and analyze their security," Vigna said, as quoted by the site.

To address the problem caused by custom hardware, Vigna and his team use machine learning to try to emulate the way existing code on IoT devices interacts with its environment, a process that Vigna refers to as being like "reverse engineering." As a variety of IoT enabled devices enter the market, creative cybersecurity work will become a must to keep hackers at bay.

As you create or scale up your IoT network, ensuring security is paramount. Luckily, Perle is here to help. To learn more about what Perle can do for you, read some of our customers' success stories.