2. Software updates: Many smart device manufacturers don’t patch or update the software on their devices. If a software vulnerability is discovered, there’s little that can be done to stop it from being exploited without the manufacturer stepping in.
3. Insecure user interfaces: A well-designed product will lock brute force attacks. However, many IoT devices are not well-designed and persistent hackers can manipulate them.
4. Unencrypted communications: Some devices lack basic encryption. For instance, data that is sent between the device and server is unencrypted, potentially exposing personal information such as names and addresses to hackers. Of course, this is just an open invitation if someone is listening in on the device.
5. Poor privacy protection: There are smart devices that amass a mountain of data, such as location information, usage patterns, names, addresses, conversations if it includes voice technology, and more. Often it isn’t clear what privacy protections are in place to safeguard data.
6. Malware: Malicious code that targets smart devices has begun to surface, with a notable example in the Mirai botnet. This is simply because some IoT devices are poorly designed and exposed to cyber attacks. We’ve also already seen additional IoT botnets created from Mirai that target IoT devices.
7. Hacker attacks: Given the growing number of devices in play, it’s hardly surprising that hackers are turning their attention to IoT. Common hacking techniques such as buffer overflows, code injection, and spoofing have already been detected. These and other attacks are going to become increasingly commonplace.
8. Unsecured ports: Many smart connected devices use unsecured ports. This is another major flaw. It allows hackers easy access to a device for exploiting its existing vulnerabilities.
Clearly many consumers are aware of the security issues. They may not know or understand the details, but there is a growing consensus that, by and large, smart connected devices can be vulnerable. In short, there’s a growing awareness that smart devices can be a hacker’s dream and a cybersecurity nightmare.
This is driven by widespread media coverage of IoT hacks—whether it’s the Mirai botnet taking down some of the biggest web operations in the U.S., a parent and baby being stalked by a hacker who has taken control of a baby cam or hackers remotely controlling utility services in a building.
CSPs, however, are perfectly positioned to successfully address these issues. They already own the network and provide connectivity and Internet services. CSPs already offer some network security services, provide content such as TV, and have established billing relationships. Moreover, bundling services is second nature. Most importantly, they are also trusted brands.