Are IoT Apps Doing Enough to Protect Your Privacy?
IEEE Computer Society Team
Share this on:
The Internet of Things (IoT) opens up a virtually unlimited world of possibilities, but hackers have also put IoT devices and apps within their crosshairs. As a result, these devices often introduce vulnerabilities that impact users and the networks they connect to. Considering the significant role that IoT devices play in industrial applications, there’s a lot more at risk than faulty fitness apps and smart toilets.
The Root Cause of Many IoT Security Issues
With IoT devices, information flows from a device to a large data sink. If attackers can bypass a device’s security protections, they gain access to critical, sensitive backend resources.
IoT devices got off to a bad start, primarily because many of them were sold to users with extremely easy-to-guess default passwords. The problem was the vulnerable device would then get incorporated into a sensitive network. This gave hackers a relatively easy inroad to a network that would have been otherwise difficult to hack.
How Hackers Use Platforms to Gain Access to IoT Apps
The hack can also work in reverse. Because too many platforms have to interface with IoT apps, a hacker can use this interaction against the device itself.
For example, if an enterprise resource planning platform (ERP) that runs a manufacturing business communicates with IoT devices on the factory floor, each device is connected to the ERP. An insider attack by someone with access credentials to the ERP could relatively easily compromise one or more of the IoT devices connected to it.