UAE Emerges To Be The Favorite For IoT Infiltration
At first glance, having IoT (Internet-of-Things) devices makes our lives easier and more convenient. Imagine today of not able to watch streaming videos from a 65-inch TV in the living room, instead we watch them only on small screens of the laptops, smartphones, and tablets. Or the capability of knowing if there are already ice cubes inside the fridge’s freezer compartment even before we open its door. 19th-century people, if they can only witness what we do in our homes today, they will consider us technological wizards and sages.
But IoT is not always living happily ever after, as some UAE residents have realized recently that their devices were infiltrated by hackers without any visible indication of security breached. We are entering the weird age when Internet-connected refrigerators and TV sets are placing us at risks of data theft and other cyber crimes. Because of the moment that we connect our home appliances to the Internet, it becomes a node, in other words, a computer. Though not as computationally powerful than a typical desktop or laptop computer, IoT devices are computers in their own right.
For hackers, user data is synonymous to money, the more data they steal from unsuspecting users and IoT devices on the Internet enables more targets. “Attackers are following the money to the UAE. They know companies are doing better here than in other parts of the world. Bigger companies tend to have more resources to go after vulnerabilities and shore up their security controls. Attacks all start with stealing with stealing someone’s credentials, that is the main objective of phishing emails,” explained Hussam Sedani, Symantec’s Middle-East Manager.
The real risks of IoT are crypto mining malware, malicious software that infiltrates devices for the sole goal of mining cryptocurrency on behalf of the virus authors. These devices have weak microcontrollers/microprocessors, but collectively in a botnet, cryptocurrency can still be mined.
“Coin mining is very simple. The criminals simply gain access to a system by hijacking devices like smart fridges, TVs, mobile phones or laptops. They take over the memory and central processing unit to mine for coins. They are not stealing any data here. There is no way you can know if a device has been compromised unless you have an advanced security system,” added Sedani.
IoT devices are different from PCs and servers, and there are many cases where security measures have been introduced and patches have been applied to prevent vulnerabilities, so there are no defenses Many devices are left untouched, IoT operating systems are simpler and does not have the flexibility of the desktop OS when it comes to updating itself. The vendors of IoT are having a hard time reengineering their products in order for their systems to be technically feasible for the smooth sailing firmware upgrade as soon as vulnerabilities are fixed by their developers.
With Moore’s Law still in effect, the computational complexity of IoT devices will reach a level that it has enough computing power to allow basic antimalware apps to be installed on them. At this point, IoT devices will have a real-time capability to defend themselves when it comes to malware infection attempts by hackers.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.