Network Cultures: Security Implications of the Proliferation of IoT Devices

Student Name
Prof
Course
Submission Date
Network Cultures: Security Implications of the Proliferation of IoT Devices
This is the era of the Internet of Things (IoT) because devices that are connected digitally are being adopted in almost every aspect of human life including cars, offices, homes, and human bodies. Some of the factors leading to the fast growth of the IoT is the wide deployment of Wi-Fi networks and the advent of IPv6; studies carried out predict that the number of devices that will be connected wireless will be more than 40 million by 2020 (Sen and Bagchi 74). IoT has enabled technology users to do things that could otherwise not have been done without it. However, the proliferation of these digital and wireless devices leads to various security implications. It has become a target for most cybercriminals. Connection of more devices implies more exposure to attack vectors and higher chances of being targeted by hackers. Unless this issue is addressed pretty fast, it might soon turn out to be an inevitable disaster and limit the efficiency of the Internet of Things. This essay focuses on such implications.
Specific Security Issues Associated with IoT Products
Unauthorized Access
One of the most common security issues that are challenging the use of smart devices is their resilience against exposure to different types of physical attacks (Stergiou et al. 964). Most IoT objects failure to get attended, making them an easy target for malicious actors who capture them and then modify or meddle with the programs, extract cryptography secrets, or replace them with other devices that are already pre-exploited and controlled by the malicious actor.
Devices that are built for capturing login information about a user at the source level are also a source of concern. An illustration of such a device that is built manually is the USB wall charger that is capable of cracking Microsoft keyboards that are wireless and then sending the data wirelessly to the device set up or used by the attacker (Mahmoud et al. 336). Such unauthorized access mainly results in creation of perceptible risks to the physical safety of the device, despite the fact that access of IoT is possible although from afar. Some reports also show that it is possible to hack insulin pumps remotely and deadly doses of medicine delivered or scheduled injections skipped. Additionally, various experiments conducted show that a built-in telematics unit can be used to fully access the internal computer network of a car without necessarily touching the car. Data in the internal computer system of the car is manipulated and then a code delivered to another computer that is connected to the IoT device to facilitate synchronization of data.
Encryption
The issue of the impact of proliferation of IoT devices on encryption can be analysed by considered three cases related to the issue under study. In 2014, a security firm in Israel discovered cases of vulnerability in a telematics device that had been developed and fabricated by Zubie, a connected-car start up based in the United States (Tardieu et al. 255). The researchers also established that the hardware that Zubie had developed for tracking the performance of a car and issuing instructions to drivers on how to improve driving efficiency had failed to encrypt proper communications between the server and the device (Coppola and Morisio 24). The researchers used the information and data that they had collected from the study in demonstrating how this weakness could be easily exploited by hackers and used in sending malicious updates to the IoT device, stealing data on the performance and location of the car, as well as unlocking the doors remotely.
The cases highlighted also prove that IoT devices face various operational constraints that should be considered when any security measure is to be implemented. The security of data transmission such as encryption can be enhanced by ensuring that the processing power is high (Ibtihal and Hassan 316). However, some companies might take advantage of this incapability when processing personal data, leading to provision of loose security. It is also notable that very few consumers would be willing to compromise their safety for the sake of the IoT devices. This signals the need for alternative methods of ensuring that data processing is carried out safely need to be introduced.
This implies that in cases where reducing the capacity of resources may result in exposure of the communication taking place between the connected devices to risk, developers should ensure that the inter alia and data collectors are in compliance with the concept of data minimization (Shankar et al. 122). Additionally, processing of personal data should also be limited as much as possible, with more focus on the data that is stored on the connected devices to ensure that the absolute minimum required devices are achieved.
Another cause of security concerns when using IoT devices is failure to configure the machines especially when they are required to be accessible through the Internet. As such, operating the machines using default settings increases the convenience of cyber-villains accessing the devices. As such, measures should be taken especially when the devices are running on default settings (Lee et al. 89). Such measures will help in reducing the exposure of the devices to hackers. Network access should be restricted, non-essential functionalities be disabled, and avoiding using update and untrusted software sources; such measures will narrow down the attacking surface for the various data breaches [19]. Developers should ensure that these protective measures have been built into the devices from its outset. This would also be a direct application of the ‘Privacy by Design’ principle.
Updates and Patches
It is crucial to ensure that connected devices are regularly updated so as to ensure that their immune to extremely complicated cyber-threats is retained (Lee and Lee 1152). The risk of exposure to cyber-attacks is increases when the users fail to update the patches as frequently as required. Besides, evidence from previous studies shows that most companies prefer updating their smart ‘things’ through remote approaches.
There are several reasons that account for this factor. One of the major problems that is facing most firms is that most of those that are involved in developing low-end devices lack adequate economic incentives to continue giving support (Ray, Jin, and Raychowdhury 76). This results in negative effects as the proliferation of such devices once sold to customers exposes them to data insecurity since the IoT unit is unsupported and is characterized by various security details. It is also notable that most of these IoT products are built from cheap, locally available chips as well as other materials. This is one of the factors that lead to companies failing to offer security patches for such devices and IoT products.
On the other hand, it is also possible in some cases that the IoT vendors lack the necessary technical expertise that they can apply in developing the required updates. In most cases, the main issue causing such problems is the lack of reliable communication channels that can be used by the company in delivering the patches remotely. Such companies find it more profitable to let their customers visit their websites and download and install the patches manually (Alfaqih and Al-Muhtadi 87). From the customers’ point of view, this may not be considered a desirable approach for the customers due to the fact that most of customers face serious challenges in the installation of such devices; 67 percent is sometimes not even be aware such a device exists (Yaqoob et al. 444). There are also situations in which the vulnerability of a security is identified after the production of the IoT device, making it difficult for the data controllers to develop an update for it or even applying a patch to it. However, most consumers never find out about the absence of such remedies.
Another weakness that was established in the existence of unpatched vulnerabilities during the use of IoT devices is that their indexing can easily be done using search machines which have been specifically specialized for the purpose (Maple 155). When customers become aware that such vulnerabilities exist, sometimes it is impossible for them to get access to the vendor’s update because of hardware limitations as well as the technologies being out of date and thus preventing the IoT device from giving support to the required software updates. This calls for the need for customers to be informed on occasions when the IoT devices that they use are at a high risk of exposure to dangers owing to unfixed flaws in the devices. In the event ...