4 sectors vulnerable to IoT attacks in 2017


One of 2016’s key events in the tech world was the massive distributed denial of service (DDoS) attack in October that brought many of the internet’s most heavily trafficked sites to their knees.

There were two main takeaways from the event. Firstly, DNS infrastructure is highly vulnerable. And secondly, the growing proliferation of cheap, connected Internet of Things (IoT) devices – webcams, Wi-Fi speakers, wearables etc. – is making it far easier for cybercriminals to launch massive DDoS attacks.

Why? Because many of these devices are shipped with default usernames and passwords, which are never changed by the enduser, and so are easily taken over. Earlier in October, the Mirai botnet malware was made public, and it evidently played a role in the attack.

In 2017 businesses are sure to suffer more DDoS attacks and internet shutdowns powered by cheap, insecure IoT devices. But while these attacks could become more common, they’re also likely to become less lethal as backbone providers harden their defenses and device manufacturers adopt identity-based security to close vulnerabilities.

>See also: Forget the Internet of Things for a minute, what about the Security of Things?

However, the sheer number of cheap AND insecure IoT devices deployed globally will ensure DDoS attacks continue sporadically through 2017.

Catastrophic DDoS attacks might dominate tech media coverage, but the failure of IoT device, service and infrastructure to adopt and scale robust security and privacy tactics will play out in several ways.

Here are four sectors that will face the brunt of this as digital transformation takes hold in 2017.

1. Healthcare

In 2017, the distinction between in-home and clinical healthcare devices will continue to erode.

To date, smart wearables and exercise devices like Fitbits and Apple Watches have been perceived as a means to track exercise in order to further fitness goals – distinct from clinical medical devices like heart monitors, blood pressure cuffs or insulin pumps.

At the same time, it’s become common for patients with high blood pressure to monitor their levels at home by capturing them on a mobile app on their phone – exactly how fitness trackers work.

The wealth of data available to clinicians flowing from such devices is leading to expectations that individuals can and perhaps should play much more active roles in preventative care.

But the ease with which personal health data can now be gathered and shared will increase pressure on healthcare IT decision-makers to turn to identity management and authentication as the technology most effective for achieving security objectives.

The proliferation of digital systems and devices in healthcare settings creates more vulnerabilities where personal data can get exposed or stolen.

By adding contextual authentication and authorisation through strong digital identity, hacking these systems becomes more difficult. For example, adding presence, geo-location and or persistent authentication.

2. Financial services

In 2017, commercial banks and investment houses will continue the race to avoid having their business models disrupted by fintech innovation such as Bitcoin and emerging artificial intelligence technologies.

Banks are already co-opting these disruptive technologies and incorporating them into their own IT mix.

Somewhat ironically, having established relationships with their customers, many legacy banks could be very well positioned to not just weather the digital transformation storm, but emerge even more stable and profitable in the years ahead.

This is especially true for those that embrace omnichannel techniques and technologies to create seamless experiences that delight customers across devices.

Banks in 2017 will work on allaying customer privacy concerns as they cope with regulations regarding data protection and sharing. There will be a continued effort to eliminate internal data silos that create impersonal customer experiences across channels, and fragmented systems that can’t support digital customer demands and business requirements.

3. Retail

The race toward omnichannel will accelerate in 2017 as many retailers and B2C organisations find themselves doing more business via mobile than they’re doing on the conventional laptop and online channel.

Delivering convenience and seamless experiences will depend heavily on providing customers with experiences that are not just secure but also personalised to their needs and tastes.

In order to do this, they must securely connect the digital identities of people, devices and things. This requires solving complex identity challenges and creating solutions that enhance and improve customer experiences and at the same time maximise revenue opportunities.

See also: How blockchain will defend the Internet of Things

4. Communications and media

AT&T’s proposed acquisition of Time Warner at the end of 2016 highlights exactly how vulnerable legacy media and telecommunications firms perceive themselves to be to disruptive forces like cord cutting.

‘Digital pipe’ companies feel like they need to lock in content providers in order to lock in audiences and preserve value. However, regulators may frown on such industry consolidation, and independent players like Netflix and semi-independent players like Hulu and independent cable TV producers continue to find ways to directly insert successful content into the entertainment bloodstream.

Here again, making content easily accessible through the full array of channels is key to locking in loyalty and preserving lifetime value (LTV).


Sourced from Simon Moffatt, ForgeRock

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Internet of Things