The #IoT sector is expected to grow to 20.4 billion devices by 2020, and businesses are expected to spend $134 billion annually by 2022 just on cybersecurity for IoT devices

There’s a running joke regarding connected gadgets and the internet of things: “The ‘S’ in IoT stands for security.”

And yes, I’m aware there’s no “S” in IoT.

Oleg Šelajev, a lead developer for Oracle Labs, coined the phrase in 2016, and it pops up almost every time researchers find security flaws with a connected device. And it happens a lot. Think security cameras. Or toys. Or smart locks.

Yet homes, businesses and facilities are stocking up on more and more connected devices, the idea being to make people’s lives easier. The IoT sector is expected to grow to 20.4 billion devices by 2020, and businesses are expected to spend $134 billion annually by 2022 just on cybersecurity for IoT devices, according to Juniper Research.

But more connected devices means more potential vulnerabilities. And the security of these devices hasn’t gotten much better. Researchers have been warning about this issue for years, but the number of threats is only getting worse. The real problem is that no one’s listening.

“We demonstrated problems last year,” Denis Makrushin, a Kaspersky Lab researcher, said at his company’s Security Analyst Summit in Cancun, Mexico, earlier this month. “This year, it’s the same problems, but now with huge numbers.”

Even more distressing is the bigger threat to the more than 8.4 billion IoT devices already available today — especially as security vulnerabilities in old devices keep popping up. So even as politicians and the tech industry look to address this for new products, it’s the legacy gadgets that could prove most vulnerable. It was one of the key themes at the Kaspersky conference, where researchers exposed vulnerabilities affecting decades-old gas pumpsrobots in malls and smart cameras for homes.

Panels at Kaspersky’s 10th annual summit in Mexico took place in windowless conference rooms just a stone’s throw away from Cancun’s sunny beaches. While couples were cooling off by the pool and families were playing in the sand at this popular vacation destination, security researchers were inside showing off vulnerabilities with the gadgets that increasingly run our lives.

It didn’t end with robots and gas stations. Other panels detailed how you could hack a yacht, a car, industrial control systems and hospital tech. The one common thread for all of this research: It wasn’t shiny, new gadgets with security flaws, but devices from years ago. These are the ones makers have moved on from, but people can still buy in stores.

Medical malware

Your typical hospital serves as a case study for how vulnerable we are. Kaspersky Lab’s researchers found 27,716 open entry points for a hacker. Yury Namestnikov, one such researcher, attributes this to a rise in internet-connected devices in hospitals, some of which might not even be medical equipment.

internet-of-things-iot-devices-1705.jpg
IoT devices will number 20.4 billion by 2020. That’s a lot of potential security hazards.

James Martin/CNET

They found issues with the lighting systems, air-conditioning units and printers. Many of them were using out-of-date management software open to attacks. The researchers pointed out that the popular Cancun resort they were staying at might also have these same security issues.

“If you’re an administrator, you need to decide what kind of stuff needs to be on the internet,” Namestnikov said in an interview at the resort. “You need to make inventory, what’s connected and what you should protect.”

Hospitals were among the first victims hit by the WannaCry ransomware attack, preventing patients from getting urgent care while computer systems were locked up. Security is a major concern at hospitals, which hold sensitive data for attackers to target. But hospitals are increasingly embracing connected devices.

“They have to use new equipment to keep up, but they don’t understand a need to adopt security also,” Namestnikov said.

When companies aren’t building their devices with security in mind, it ends up falling on researchers to both find the mess and help clean it up.

Eyes on IoT

There are always new places to find security vulnerabilities.

After successfully hacking the Pepper and Nao robots, Lucas Apa, a researcher from IOActive, said he was interested in a looking at Knightscope, the robot that notoriously was used to disperse the homeless in San Francisco and that comically was found drowned in a fountain in Washington, DC.

For Ido Naor, the Kaspersky researcher who discovered issues with more than 1,000 internet-connected gas stations, he’s always keeping an eye out.

“As researchers, we walk around the world, and check out everything,” Naor said. “Marks, logos, different types of devices we’ve never seen before, and it tickles our mind to look for information about it.”

The scariest thing: Plenty of hackers are probably just as curious.

As seen on https://www.cnet.com/news/iot-attacks-hacker-kaspersky-are-getting-worse-and-no-one-is-listening/

PEOPLE TRUST PEOPLE: The Internet of Things isn’t even so much about things

What the Internet of Things is NOT about

It seems that if your company doesn’t have an IoT strategy nowadays, you might as well quit. But not just any strategy will do. Let’s look at some of the hot topics in IoT today that are unlikely to make a dent in market adoption. Here are some insights from our most recent publication, IoT Developer Megatrends – a short publication on the most important trends for IoT.

iot-megatrends-1

Here’s what everyone knows about the Internet of Things. It’s going to be enormous. We’ll have tens of billions of devices by the end of the decade. This is a multi-trillion dollar opportunity over the next years. All the major players in consumer electronics, mobile, cloud, factory automation, enterprise IT and more will be fiercely competing for a piece of that pie. All this information shouts: [tweetable]if your company doesn’t have an IoT strategy you might as well quit[/tweetable].

Not just any strategy, of course. The history of technology is littered with great concepts and engineering feats that never became mainstream products. It’s worth looking at some of the hot topics in IoT today that are unlikely to make a dent in market adoption.

What IoT is not

A lot of the buzz in the media and on industry forums is about the Internet of Things technology itself. Standards. Security. Privacy. Whether to use Bluetooth, Wifi, cellular or mesh networks. If history is any guide, all of these important questions will get solved over time, but none are an actual roadblock to market adoption. iOS and Android didn’t depend on app standards to revolutionize the smartphone industry, for example.

Meanwhile, product designers have discovered IoT and are adding connectivity (internet) and services to their products with blazing speed. Washing machines, socks, ovens, shoes, cars, door locks, toothbrushes and even flower pots are becoming “smart”. The problem with this “product with an app” approach is that all those disconnected, individual apps will soon become impossible for users to manage.

The Internet of Things isn’t even so much about things. For example, companies like Google-owned Waze achieve better traffic intelligence by crowdsourcing smartphone data rather than through an extensive network of road sensors, typical for a Smart City project. True smart cities have taken note, and are starting to use Waze’s data. Waze literally never shipped a thing.

Breaking Free of Internet and Things

Here’s an uncontroversial, but often forgotten truth. [tweetable]The value of IoT products doesn’t come from the technology or the internet or the things[/tweetable]. Value is created in IoT by making sense of data, turning it into knowledge and meaningful action. It’s not the parking sensor that matters, but finding a free parking spot quickly and without frustration.

This perspective on the Internet of Things has some interesting implications. We predict that the most interesting IoT applications in 2020 will use data that already exists today, rather than new sensors.

Why? Value is created by making sense of data, and many data will have more than one possible source (like in the Waze vs traffic sensor example). New devices will be more expensive to build, install and maintain than solutions that mine existing sources of data. When a solution can be found that doesn’t require new sensors or hardware, it will prevail. Already, companies like Cellint use data from mobile network operators to monitor traffic jams in cities.

Internet of Things is not about how to add a service to my product, but about making my product work with every other service. It’s about how all those sensors, devices, things and services can be integrated into the user’s digital lifestyle. IoT is breaking free from Internet and Things.

Internet of Things (IoT) market is growing by 15% annually.

Worldwide spending on the Internet of Things is forecast to reach $772.5 billion in 2018, an increase of 15 percent over the $674 billion that will be spent in 2017, according to a new report by International Data Corp.

IDC forecasts worldwide IoT spending to sustain a compound annual growth rate (CAGR) of 14 percent through the 2017-2021 forecast period, surpassing the $1 trillion mark in 2020 and reaching $1.1 trillion in 2021.

IoT hardware will be the largest technology category in 2018, with $239 billion going largely toward modules and sensors along with some spending on infrastructure and security. Services will be the second largest technology category, IDC said, followed by software and connectivity.

Software spending will be led by application software along with analytics software, IoT platforms, and security software. Software will also be the fastest growing technology segment, with a five-year CAGR of 16.1 percent.

Services spending will also grow at a faster rate than overall spending, with a CAGR of 15.1 percent. It will nearly equal hardware spending by the end of the forecast, the report said.

“By 2021, more than 55 percent of spending on IoT projects will be for software and services,” said Carrie MacGillivray, vice president, Internet of Things and mobility at IDC. “Software creates the foundation upon which IoT applications and use cases can be realized.”

https://www.information-management.com/news/internet-of-things-market-growing-by-15-percent-annually