The security challenge facing global IoT projects
By Alex Hawkes|20 March, 2023
Internet of Things (IoT) deployments continue to expand globally, revolutionising the way businesses operate by boosting efficiency and enhancing experiences for customers and employees. But as is the case with many innovations, growth has outpaced security considerations resulting in unforeseen problems emerging as bad actors seek to exploit new vulnerabilities.
Taking advantage of a combination of technologies, embedded devices with sensors, internet connectivity, and cloud platforms, enterprise IoT applications can now automate business processes using contextual information provided by local devices such as machines, vehicles, and other equipment.
IoT growth outpacing security
But in a paper released last year by the UK’s National Cyber Security Centre, the organisation warned:
- It is highly likely that the growing number of Enterprise Connected Devices (ECDs) being adopted by enterprises presents an expanding attack surface, with many of these devices being accessible over the public internet, and with cyber security often being an afterthought.
- It is highly likely that ECDs will be used as an attack vector or pivot point to enable cyber actors to gain access to an enterprise's corporate network for espionage purposes, disruption, or financial gain.
- Deployments of ECDs present a different threat profile from typical consumer use. Organisations often have more knowledge, responsibility and control of networks and cyber security, compared with a typical consumer.
These concerns are materially supported in the State of XIoT Security Report: 2022 from cyber security specialist Claroty Team82, which found that vulnerability disclosures impacting IoT devices increased by 57% in the first half of 2022 compared to the previous six months.
The implication is concerning, in that security considerations are not keeping up with use cases, as IoT systems begin to have a direct impact on people’s experiences in the real world, including the food we eat, the elevators we ride, the traffic we move through, and the medical care we receive.
Part of the challenge is in the applications themselves - IoT devices are also often severely constrained in terms of footprint and available compute and processing capabilities - the result is they often can’t support security clients on-device.
The other thing is that to facilitate ease of use and grow adoption, many of these devices connect to the public internet directly with a public IP address - and that goes across the spectrum, from a fresh coffee machine in the corner of a supermarket, to an industrial sensor in a nuclear power station, both of which have very different implication in terms of the disruption of essential business processes or compromise of vital and valuable data.
There are even search engines like Shodan that specialise in trawling the IoT and cataloguing every publicly visible device out there, making it easy for businesses to identify their vulnerable assets, but also opening up the same capability for the bad guys.
Introducing Edge SIM
With IoT devices and traffic increasingly vulnerable to attacks via the public internet, Edge SIM by Console Connect ensures mobile traffic is not exposed to the public internet, with the world’s first private connectivity solution to dynamically and securely route traffic directly between IoT devices and clouds globally over a private network.
As data volumes and costs rise, Edge SIM also seeks optimisations by connecting devices directly to any of the main cloud platforms, including AWS, Google Cloud, Microsoft Azure, Oracle Cloud, IBM Cloud, Alibaba Cloud and more.
By adding a Console Connect Access Port, businesses can dynamically link their enterprise locations and network environments, including data centres, Wide Area Networks (WAN) and last mile access using wireless connectivity.
A powerful combination of Edge SIM and the Console Connect NaaS platform enables businesses to create their own private virtual “mesh” network between devices, clouds, applications, office locations, data centres and other network endpoints.