answer

Running head: IoT 1

IoT 6

IoT

Professor’s name:

Student’s name:

Date:

Make people aware that there is a threat to security

The main challenges encountered with IoT include; device monitoring and management, physical hardening, outdated components, lack of device authentication, and patching and upgrading. In IoT, embedded passwords make it easy for support technicians to remotely access and control devices for troubleshooting and quick installation of multiple devices. Thus it is also easy and fast to use these devices to exploit attacks. With the IoT devices lacking authentication, any network access without authentication makes it vulnerable to unauthorized devices; hence, this becomes the primary source of the attack. IoT devices mostly do not have the interface to upgrade and patch this software; they are vulnerable to attack.

When it comes to physical hardening, it should be considered since any physical contact with these devices would be risking them to attack; such attacks aim to extract information and not destroy the machines. Consumers should know that removing a device such as a micro card can disclose lots of information, and therefore these IoT products should be kept away from intruders. Another main area is the outdated component; it has become difficult and costly to update and replace hardware and software in cases of vulnerabilities discovered thereby; IoT vulnerable devices are still in use.

Design a technical solution to reduce security vulnerabilities

Most IoT devices do not have unique identifiers necessary for managing, asset tracking, and monitoring and Information Technology specialists have not yet put it factual that these IoT devices cannot be monitored on the network. To solve this issue, security must be implemented by exploring the needed controls. This is because often, these IoT devices are not considered as network devices; they work remotely via a network, and IT technologists must embrace it as a measure to attack control. IoT manufacturers that have already sold these devices cannot address the security issue since they are already being used. There are no ways to upgrade, monitor, or track any activity remotely.

There has been a rise in data breaches with a 60% increase in America since 2015; thus, more opportunities for attacks from hackers arise. There has been a rush in the manufacturing sectors when producing these IoT products since the objective is to sell large quantities without considering the work's quality, including security. These manufacturing companies should address protection; most of these IoT things require authentication, and they store compassionate information about our credentials. For instance, Alexa and Google's products constantly record every voice in our homes and workplaces.

The information recorded can be used by attackers to take control of our day to day activities. Typically, IoT in dry cleaners and ridges and many devices in our homes are remotely controlled by the owners at any time or place. If the hackers hack into these devices and get the credentials necessary for the control system, they would be able to control and perhaps damage every tool in our home places. The more the IoT devices are used, the more they are hard to control; in the workplace, most machines are used for 24 hours in a day, making it hard to install updates completely. Therefore, these gadgets' weaknesses are not okay and led, making them vulnerable to attack.

Align the legal and regulatory frameworks;

Internet of things (IoT) has made practitioners to develop steps for handling insecurities arising from these scenarios, which include; security threats of IoT are made known to people, reducing security weaknesses by designing technical solutions, rules and regulations must be aligned with these frameworks, and skilled workforce must be established. Homes and workplaces are now full of IoT across the United States, intending to make things quick and easy. Internet connectivity has turned to another dimension due to IoT, and vulnerabilities are increasing rapidly; hackers are exploiting every day, resulting in fatal damage.

Attacks in IoT systems are categorized into two aspects; those that attack other targets using IoT devices and those that the end targets are IoT devices. Without proper security integration, organizations are at high risk due to new changes in the environment. Twitter, Netflix other major websites went down for an hour in 2016; a Denial of Service attack was exploited and flooded Dyn with massive traffic that could not be led by their servers, which took control of over 60000 IoT devices. Mostly the attacked devices were IP cameras and routers an attack using Mirai IoT Bonet. Furthermore, the strategy to safeguarding IoT devices in the workplace and homes is to understand what IoT devices are on the network and where they are in the network topology. All devices must undergo authentication and those failing to be authenticated can be identified to adhere to this strategy. Configuration of these IoT devices will be more straightforward, and rogue devices will be discovered.

Develop a workforce with the skills to handle IoT security

Instead of using embedded passwords, IoT manufacturers should provide users with an interface to create strong passwords and easy to change the password in intruders. The architecture of these IoT devices should allow authentication before joining to a particular network. The manufacturing companies continuously should integrate proper update and patching measures, typically, either through an automatic or one-click process. Constant monitoring should be done to the IoT devices as a measure for proper physical hardening. For instance use of security officers to ensure the tools are not touched by unauthorized personnel. Manufacturing companies should include IoT devices in asset tracking, management, and monitoring systems; typically, by introducing unique identifiers in all gadgets. Consumers can ensure that manufacturing companies stick to security by refusing to buy these IoT products if no proper security architecture is integrated.

Wi-Fi passwords are stored in the devices, and hackers can create exploits to the entire network by gaining access to the IoT devices; which risks the data stored in IoT devices such as personal information and banking details. Before marketing any IoT product, security must be considered to protect consumers' data across all their networks. It would be shameful to the consumer if an attacker monitors everything at home or the workplace by gaining access to the camera control system. This would be an issue of privacy invasion, and footage can be easily formatted.

References

Adryan, B., Obermaier, D., & Fremantle, P. (2017). The technical foundations of IoT. Artech House.

Chapter 17 – IoT security framework. (2017). IoT Security Issues. https://doi.org/10.1515/9781501505775-022

Gilchrist, A. (2017). IoT security issues. Walter de Gruyter GmbH & Co KG.

Vermesan, O. (2018). Advancing IoT platforms interoperability. Advancing IoT Platforms Interoperability, 1-92. https://doi.org/10.13052/rp-9788770220057