Jargon buster: cybersecurity
There are predicted to be 20bn to 50bn connected objects globally by 2020. As the number of IoT devices continues to grow, it’s important to understand the security risks associated with this technology.
While many of the types of cyber attack involving IoT devices are similar to standard PC hacking, cybersecurity techniques in this increasingly connected age are improving rapidly. One of the best ways to prevent an attack is awareness, so here are some of the words you need to understand.
More commonly known as hacking, external threats cover the viruses and other methods used to access a network, device, or website. Just like a virus attacks cells, a computer virus will attach itself to legitimate software or files. Once a virus infects one cell – such as an IoT device – it can hack or damage the whole connected network.
Employees can also compromise security, either intentionally or accidentally. This could be in the form of sharing security information or downloading malicious files. It’s important to consider changing passwords and other access information after an employee leaves the company.
Short for malicious software, this covers any software that is designed to infiltrate, damage, or disable connected devices.
Software that locks a user out of the system, or encrypts data, and won’t permit access until a ransom – usually in Bitcoin – is paid. An example of this is the WannaCry NHS cyber attack in 2017.
This software encrypts data so that it is impossible to decrypt and access without the key, which is kept by the attacker.
Networked computers, smartphones, or servers are infected with malicious software that is operated en masse. This can be used to steal data, send out spam or shut down websites.
When a malicious attacker impersonates the software of a device on a network in order to bypass access controls, access the wider network, and steal data or spread malware.
Intrusion detection system (IDS)
This is software or a device which detects attackers. Any intrusion will be reported to an administrator, or logged in a security information and event management system. An IDS is similar to a firewall, though it also works to detect any internal intrusion, while a firewall will only monitor external attacks.
Intrusion prevention system (IPS)
Similar to an IDS, but an IPS has the ability to swiftly take action on a perceived threat, rather than just report it. For example, this might mean blocking all traffic from a suspicious IP address.
Short for penetration test, this is an authorised ‘hacking’ of a network to scout out any potential weaknesses so they can be fixed.
Public key infrastructure (PKI)
A method of encrypting and authenticating data using a digital certificate of authenticity, which has two parts: a public key and a private key. To send a message to a device, its public key is required. However, to read the message, the private key must be used. This method of encryption is considered very safe and perfect for IoT devices, as hackers cannot access the private key or fake the public one.
Transport layer security (TLS)
Securing data as it passes between devices. The two computers agree to encrypt data in a certain way, and one may reject the other if it cannot find the right encryption methods in place.
A method of security that uses a person’s unique characteristics, such as iris pattern, fingerprint, or voice. This type of passcode is becoming increasingly popular, as it is extremely difficult to steal or imitate someone’s biometric data. Retina identification is particularly tough to copy, though such systems are expensive.