As we all know, the world of cybersecurity is an ever-evolving, fast-growing industry that can be tough to follow at times. For example, we have seen a rapid upsurge in the use of smart devices and with that, an increased risk of cyberattacks. This has not been limited to private households either. Rather, the logistics industry and private vehicles are also at risk of being hacked. Indeed, as individuals and industries increasingly move online, this inevitably leads to an accumulation of data in mammoth proportions. When access to this data is left uncontrolled, this could potentially destabilise the digital society. In other words, as Petr Lahner, Business Executive Vice President for the business stream Industry Service & Cybersecurity at TUV Rheinland, explains, “…it is particularly serious that cybercrime is increasingly affecting our personal security and the stability of society as a whole.” As such, it is critical that we fully understand these trends. Fortunately, TUV Rheinland, a leading international provider of testing, inspection and certification services, has offered us an in-depth report outlining seven cybersecurity trends to look out for this year. So, what are they?
When one requests for a company to disclose the personal information they hold on him or her, it may come as a surprise to receive as many as 800 pages. Yet, that is exactly the predicament that Judith Duportail found herself in 2017, after asking a dating app company to send her any personal information they had about her. They had tracked everything from her Facebook likes and dislikes, to each individual conversation she had with all 870 of her matching contacts since subscribing to the app four years prior. This not only highlights the immense build-up of data that occurs today but the lack of transparency regarding its processing and security. While governments do appear to be picking up on the ethics of big data with the introduction of GDPR and the CCPA, such laws tend to be highly subjective; thus, leaving room for businesses to choose an interpretation favourable to their own self-interest.
From smart speakers, to smart watches, to even smart locks and lights, the Internet of Things show no signs of slowing down and is swiftly becoming a fundamental part of our lives. This multiplies the cyber security challenges, previously confined to servers and personal computers, by hundreds, if not thousands in size. With hundreds of billions of devices to monitor and defend, the risk of exploitation is bound to sky-rocket.
With the advent of the Internet of Things, comes the Internet of Medical Things. Medical devices such as defibrillators, pacemakers as well as heart and glucose monitors are progressively becoming connected to the internet. However, software vulnerabilities expose both individuals and entire product classes to potentially fatal cyberattacks. Moreover, there has been little investment dedicated to their maintenance and repair, or to the management of data that such devices hold, including after their official lifespan comes to an end.
Proprietary software and hardware platforms are allowing vehicles and traffic infrastructure to become ever more integrated which helps to give drivers more flexibility, potentially improve traffic safety and necessitates the development of self-driving cars. Yet, this once again, occasions cyberattacks that could lead to hugely disruptive consequences.
Supply chains are quickly becoming digitalised with the help of IoT, automation, robotics and big data management which, in turn, facilitates a more efficient and economical means for a company to operate. In some instances, it allows companies to virtualise elements such as warehousing. Nevertheless, the amalgamated nature of these networks could easily be exploited by bad actors.
In 2017 alone, over 10 billion tons of goods were transported by sea and this will only continue to grow. There is evidence to suggest that ship navigation, port logistics as well as ship computer networks have faced or are vulnerable to attacks, and they can originate from states and activist groups.
With an estimated 75 billion connected IoT devices predicted to exist by 2025, each with their own software stack, any vulnerabilities will likely be buried in large numbers of products going back many years. This creates a significant obstacle for organisations whose patches become less effective, if even the vulnerability is found in the first place.
It is clear then that there is a lot to think about and prepare ourselves for in the coming year. To read the article in full, click here.