You might think it an odd concept that an electric kettle could pose a threat to the IoT. But connect a kettle or a heart monitor to a network and you give a hacker an attack vector.
Apart from the obvious absurdity of some of the devices that you can now connect to the internet (shoes, fridges, cookers spring to mind), the threat is very real.
People in Hong Kong, for example, are connecting all sorts of kettles and monitors and exercise bikes to corporate networks and this is causing a problem.
A report commissioned by Palo Alto Networks looks at practices for securing IoT and is based on a survey of 1,350 IT business decision-makers at organisations of more than 1,000 employees in 14 countries across Asia, Europe, the Middle East and North America.
To illustrate the level of the problem, 91% of Hong Kong respondents reported a rise in the number of IoT devices connecting to networks over the last year.
As a result, 31% of respondents said they need to make improvements to the way they approach IoT security, and 37% said that a complete overhaul is needed.
One critical safety precaution, according to Palo Alto Networks is to segment IoT devices onto separate networks, yet only ‘one in five (20%) of those surveyed reported that they have not segmented IoT devices onto separate networks and only 21% reported following best practices of using micro-segmentation to contain IoT devices in their own tightly controlled security zones’.
The real challenge, as we have said before (and often) is that if you are in the business of building bikes or electric kettles or heart monitors, you do not focus on whether or not it might become a threat to someone’s corporate network, you build it to be the best at boiling water or preventing a heart attack.
What is clear is that if the IoT is to be as ubiquitous as predictions suggest it could, and should, be (Business Insider Intelligence forecasts there will be more than 41 billion IoT devices by 2027, up from 8 billion last year), a lot of education needs to happen to ensure that the electric kettle doesn’t bring down the IoT.
To download the report, click here.