The consumer IoT (Internet of Things) installed base will reach over 15 billion units by 2021, an increase of 120 per cent over 2016. But this vast scale mat lead to an unmanageable cybersecurity risk, said research group Juniper.
The researchers said embedded connectivity is increasingly being used as a product differentiator. Juniper cautioned that the vast scale of this connectivity will, unless action is taken, lead to an unmanageable cybersecurity risk created by botnets in excess of one million units.
Juniper’s latest research, called “Internet of Things for Security Providers: Opportunities, Strategies, & Market Leaders 2016-2021”, revealed that recent IoT botnets will prove merely to be the tip of the cybersecurity iceberg.
Botnets were uncovered as a key factor in the largest DDoS (distributed denial-of-service) attack ever recorded last year.
The report found that the use of botnets to disrupt Internet services forms a part of the near-term threat landscape. It predicted that botnets will be used for more malicious purposes in future, impacting consumer, industrial and public services markets.
“Attacks such as those on Dyn last October can be viewed as proof of concepts,” said research author Steffen Sorrell.
“In the medium term, botnets will be used far more creatively — not only to disrupt services, but also to create a distraction enabling multi-pronged attacks aimed at data theft or physical asset disruption.”
The research called on IoT device manufacturers to take responsibility by implementing security-by-design, adding that corporate-scale vendors such as Amazon, Google and Samsung should lead efforts to galvanise other vendors to apply security best practices.
Additionally, the research found that the market is wide open for challenger cybersecurity vendors. It highlighted providers such as Crossword and Positive Technologies who are using machine learning to disruptively protect against DDoS and malicious network activity.
It predicted that the industry will be forced to move beyond traditional signature-based detection methods in the near term in order to address IoT cybersecurity effectively.