IoT article written for Supply Chain Game Changer and permission to publish here provided by Rachel Stinson.
The Internet of Things — IoT, for short — is made up of devices that connect to the internet and share data with each other. IoT devices include computers, laptops, smartphones, and objects that have been equipped with chips to gather and communicate data over a network.
IoT devices have become a part of the mainstream electronics culture that people have adopted into. It is estimated that there will be up to 21 billion IoT devices by 2020, impacting how we interact with basic everyday objects.
There are several things to note about the IoT as it becomes more mainstream, as a key element of the Digital Supply Chain.
More People will be addicted to Technology
The usage of IoT based devices will continue to increase significantly as more people become addicted to their devices and its functionality. People may choose connection to others over security, keeping all information about themselves and their families in their IoT devices, and inadvertently trade safety and security for convenience.
A survey has it that business may in fact start to penalize any employees in their company that disconnect from the internet and reward those who are connected to the internet. The rewards of being online will make more people choose to remain connected to the internet.
More cities will become “smart”
Consumers won’t be the only ones using IoT devices. Cities and companies will increasingly adopt smart technologies to save time and money.
The more data that IoT devices collect, the smarter they will become. Cities will transform into smart cities through the use of IoT connected devices, as they automate, remotely manage, and collect data through things like visitor kiosks, dash cam, video camera surveillance systems, bike rental stations, and taxis. There will be smart traffic lights that collect data on traffic, and use that data to sync lights to peak traffic times.
The government could also use cameras to monitor people.
Artificial intelligence will grow even more
Smart home hubs, thermostats, lighting systems, and even coffee makers collect data on your habits and patterns of usage. When you set up voice-controlled devices, you allow them to record what you say to them and store those recordings in the cloud, and that data is collected to help facilitate machine learning.
Machine learning is a type of artificial intelligence that helps computers “learn” without someone having to program them. The computers are programmed in a way that focuses on data that they receive. This new data can then help the machine “learn” what your preferences are and adjust itself accordingly. For instance, when a video website suggests a movie you might like, it’s likely learned your preferences based on your past choices.
It is expected that many industries will be able to tap into this knowledge to sell products better to customers.
Routers will continue to become more secure
A lot of manufacturers work to get their IoT products to market quickly, so security may be an afterthought. Many consumer IoT devices reside in the home and do not have security software installed on them, leaving them vulnerable to attacks.
A home router has the ability to provide protection at the entry point including password protection, firewalls, and the ability to configure them to only allow certain devices on your network.
5G Networks will continue to fuel IoT growth
Major wireless carriers will continue to roll out 5G networks in 2019. 5G — fifth-generation cellular wireless — promises greater speed and the ability to connect more smart devices at the same time.
Faster networks mean the data accumulated by your smart devices will be gathered, analyzed and managed to a higher degree. That will fuel innovation at companies that make IoT devices and boost consumer demand for new products.
5G in the automobile industry is shifting the industry into a higher gear. The development of driverless cars — as well as the connected vehicles already on the road — will benefit from data moving faster, as the new cars will analyze your data and connect with other IoT devices — including other high-tech vehicles on four wheels.
Unfortunately, the increased reliance on cloud-based storage will give attackers new targets to attempt to breach.
IoT-based DDoS attacks will take on more dangerous forms
The first “Internet of Things” malware, The Mirai malware — a strain of malicious software that can infect connected devices such as DVRs, security cameras, and more using default password and usernames – was introduced in 2016.
The malware turned affected devices into a botnet to facilitate a Distributed Denial of Service (DDoS) attack, which overwhelmed websites with internet traffic. The attack ended up flooding one of the largest website hosting companies in the world, bringing a variety of major, well-known websites and services to a halt for hours.
This particular strain of malware is called “open source,” which means the code is available for anyone to modify
IoT devices may be used to direct other attacks, and may in fact be weaponized. A possible example would be a nation shutting down home thermostats in an enemy state during a harsh winter. Spy cameras may also be targeted, and used to maliciously spy on people.
Security and privacy concerns will drive legislation and regulatory activity
The increase in IoT devices is one reason security and privacy concerns are rising.
As humans acknowledge their dependence on IoT, there will be a consciousness for security around it. There is expected to be more regulatory and technology-based advancements to mitigate threats.
In mid-2018, the European Union implemented the General Data Protection Regulation (GPDR). GDPR has led to similar security and privacy initiatives in several nations around the world. In the United States, California recently passed a tougher privacy law.
With the billions of IoT devices connected to the open internet, how do we ensure these devices are secure?
An option will be to compare AES vs. TLS/SSL. Encryption solves a very complicated problem. When people think about encryption, many will turn to TLS/SSL, however, these protocols don’t cut it for encryption and processing.
The reason these protocols aren’t optimal is they are point-to-point solutions and not end-to-end solutions. When data has to go through many different points on the chain, you are going to have to account for different security protocols and devices. This requires a security solution like AES since it provides end-to-end security, and encrypts the message all the way through. Only devices with the encryption keys can decrypt the encrypted data as it’s sent and received.
AES also allows you to wrap the message body with AES and leave all the actionable data in TLS. Actionable data, for instance, would be temperature information that you are trying to read. In addition, we need to prevent all inbound ports from being open at all costs since this can leave your IoT devices open to vulnerabilities and DDOS attacks.
Devices should only make outbound connections, so that way the door is closed to accessing applications and services behind those open ports. The connection outward can be left open so the device can listen in with a secure tunnel back from the network.
You will have control over data, and can analyse data for many different purposes to make the best possible purchase, marketing, cross-selling and security decisions.
IoT is here to stay because of the convenience that it affords to many people, and there is expected to be significant work carried out around security and regulations to make it as safe as possible.