What Cybersecurity threats are Canadians facing in the era of IoT?

Cyberattacks are on the rise, impacting people, businesses, systems and organizations with potentially devastating and far-reaching effects. In fact, 30% of all Canadian companies suffer up to 20 cyberattacks in a 12-month period, with over 63,000 cyber incidents happening in 2020 alone.

These numbers are expected to increase further as we usher into the era of the Internet of Things (IoT), where internet-connected devices have widely changed how we behave and do business. With internet-connected assistants and smart systems, companies – Be it manufacturing, retail or logistics – are adopting viable solutions to automate and streamline time-consuming and mundane activities.

While IoT brings conveniences and efficiency, there is one major concern that users including Canadians need to consider: Security! Anything that’s connected to the internet has a potential risk of being compromised or hacked. This is particularly alarming given the amount of personal and sensitive data IoT devices gather and utilize.

Here we have listed down the top-most security concerns IoT poses to Canadian users:

Zero-Day Attacks

In January 2020, the Network of Health Science North in Ontario was infected by an unknown computer virus, affecting over 20 hospitals and forcing them to shut down their network in an attempt to prevent the further spread of malware.

As reported by CBC News, the virus was identified as a “zero-day” exploit, which can worm its way into the network by tricking existing installed antivirus software. Cybersecurity experts believe these zero-day exploits are becoming more sophisticated hacking tools and could pose a major threat in 2021.

Malware

According to Statista, 58% of Canadian companies were affected by cyberattacks using malware, whereas 20% of companies had been the victims of network scanning.

That said, companies using open and unencrypted networks are usually at higher risk of malware infiltration than companies using encryption-providing tools such as VPN in Canada. According to Palo Alto’s report, 98% of all IoT device traffic is unencrypted, allowing malicious actors to intercept the data using a man-in-the-middle attack or other eavesdropping techniques and steal sensitive information.  

To mitigate this threat, organizations and individuals should use VPNs to encrypt the networks their IoT devices use to transmit data.

Botnets

IoT devices can easily be turned into botnets for malicious purposes. In fact, some users don’t even know that their devices, desktops, laptops, tablets, routers, printers, or even smartphones have been connected to a botnet.

Created in the 1990s, botnets are internet-connected devices, potentially used for performing DDoS attacks, steal data, send and enable hackers to access the devices and their connection. In 2021, the botnet-related threat is expected to grow significantly due to the proliferation of smart home automated devices connected to the internet.

Compromised Smart Home devices

During the 2020 Consumer Electronics Show in Las Vegas, smart home devices caught attention, but they come with high-security risks. This includes AI-supported speakers such as Google Home and Amazon Alexa, posing great security risks because users easily entrust them with their private information. For example, in 2018, Amazon Alexa was found to have recorded private conversations in several instances, which were then sold to third parties.

Security is usually an afterthought while manufacturing IoT devices. Instead, more focus is given to convenience and easy installation.

Security researchers at Bitdefender cybersecurity firm discovered and reported a vulnerability in Amazon’s Ring Video Doorbell Pro, which could enable hackers to access the targeted users’ internet network and potentially to other connected devices with it.

In some instances, hackers even hacked webcams to stream video output from hacked devices to just about any website. In fact, researchers from vulnerability detection firm “Tenable” found seven security flaws in Amazon-owned “Blink XT2” security camera systems. Upon exploitation, these vulnerabilities could enable hackers to watch the camera footage, listen to audio, and use the compromised device to launch DDoS attacks remotely.

Final Thoughts

The proliferation of internet-connected devices in consumer, business, and healthcare organizations in Canada and their vulnerabilities has created a new security blind spot where cybercriminals can launch Zero-day attacks to hack into devices such as smart TVs, webcams, printers and routers and even your refrigerator. As a result, in 2021, we should expect to see more IoT security threats that are not necessarily present at home but also in our bags and vehicles.  

Other articles from totimes.ca – otttimes.ca – mtltimes.ca