When construction companies deploy IoT solutions, companies which provides these solutions collect data from various sources and store it in their cloud network for processing. This is a threat to the privacy and creates a risk of security breach in the cloud network. Most of the industries deploying IoT contain valuable information which, if breached, could result in serious reputation loss for the cloud provider and the company.
One of the major attacks on IoT networks is due to insecure network services. This would allow intruders to obtain unauthorised access data stored in IoT devices and lead to attacks like Denial-of-Service. Another cyber-attack possibility arises when data is shared among IoT devices without encryption. Intruders could sniff the data and could capture the data transmitted from one device to another.
Insecurity in the web interfaces built into IoT devices could also lead to cyberattacks. An intruder can gain easy access of the IoT device through a weakly protected and designed web interface. It could also lead to issues such as SQL-injection and Cross-site scripting (XSS).
As IoT technologies and adoption level increases the possibilities of cyber threats also increases. One major challenge in curbing cyber-attacks is the lack of cyber-attack reporting by companies for fear of loss of reputation. Companies can curb cyberattack by ensuring that the data is encrypted using standards/protocols such as SSL and TLS. Another way to counter cyber attacks is to avoid using proprietary encryption protocols. This is because protocols such as SSL and TLS are tested and secured by several group of people and is more secure compared to a proprietary standard. Another way of securing the account is to avoid using default passwords and usernames across IoT networks. IT administrators should make sure that weaker passwords are not input in the system.
– Arjun Das,
Senior Research Analyst,