October Cyber Awareness | IoT security – beyond connectivity into risk
As we step into Cyber Awareness Month this October, organizations must take a closer look at how new technologies like IoT, AI and advanced wireless standards are transforming the threat landscape. Many emerging solutions remain under the radar. The integration of these innovations into network (on-premises and cloud) infrastructures brings both opportunities and challenges, especially when it comes to security and business continuity.
The convergence of AI and IoT (AIoT) | The sharp paradox
AI is beginning to merge with IoT devices, creating what is known as AIoT. Integrating AI into IoT assets enables them to collect, analyze and act on data autonomously. In a typical IoT setup, connected devices (like sensors) gather and send data to be processed, often by centralized systems. However, by embedding AI into IoT, these devices can:
- Make decisions locally: AI algorithms enable devices to process data in real time without relying on cloud servers, allowing faster responses
- Predict and optimize operations: AIoT systems can predict trends, such as machinery failure in Industrial IoT (IIoT) and automatically schedule maintenance before issues arise, leading to predictive maintenance
- Enhance automation: AIoT devices can automate processes based on intelligent decision-making
It is important to keep in mind that AI algorithms are not immune to manipulation. Cyber criminals can exploit vulnerabilities in AI models, poisoning the data to force IoT devices into unsafe behaviours or decision making. For example, compromised AI models used in IIoT environments could cause sensors to give false readings, disrupt operations or damage equipment. In addition, AIoT devices are inherently complex. A rule of thumb in the cyber security realm: the more complex the device, the harder it is to secure. The combination of IoT and AI means that security must be applied to the hardware, firmware, software, communication protocols and AI models, as each of those can be targeted separately by cyber criminals. Best practice is to implement AI security measures at a very early stage. As AI becomes integrated into IoT devices, organizations, and especially CISOs, should focus on AI model integrity and explainability, ensuring the models are resilient to tampering.
No click, all damage | The growing threat to IoT networks
Zero-click attacks in IoT environments are one of the most insidious cyber security threats and are often underappreciated. Unlike traditional attacks that require some form of user interaction, zero-click attacks exploit hidden vulnerabilities in IoT devices without any user involvement. This makes them extremely dangerous, as the attacks can go unnoticed until significant damage is done. What many people don’t realize is that IoT devices are particularly susceptible to these attacks because of their limited computational power, outdated firmware and often weak security protocols. In many cases, IoT devices are deployed in large numbers with little oversight, creating a vast attack surface for cyber criminals. For organizations, the critical blind spot is often underestimating the sheer scale of the IoT threat landscape, along with how easily a single compromised device can turn into an entry point to more critical systems. Traditional security frameworks often overlook the fact that many IoT devices operate autonomously and aren’t monitored as closely as other endpoints, leaving them ripe for zero-click exploitation. General best practices are continuous monitoring, regular patching and network segmentation. Another often overlooked aspect is collaboration with device manufacturers to ensure “secure by design” principles are applied from the outset, as many IoT devices lack robust security out of the box. Understanding the sophistication of zero-click attacks and integrating IoT-specific countermeasures is essential for any comprehensive cyber security strategy.
5G and IoT | High-Speed Innovation, Low-Speed security?
The rollout of 5G is a game changer for IoT assets, allowing faster data transfer, lower latency and the ability to connect a massive number of devices at once. This opens the door for advanced applications like autonomous vehicles (Internet of Vehicles, IoV), Smart Cities and remote surgeries. But what about the security implications of 5G, especially in critical infrastructure? New attack surfaces emerge with 5G. 5G introduces network slicing, a feature that allows different virtual networks to run on the same physical infrastructure. While this improves efficiency, if not properly secured, a breach in one slice can provide access to other slices, including IoT assets. Another challenge that we don’t hear much about is massive IoT (mIoT), not to be confused with IoMT (Internet of Medical Things). 5G supports a massive number of IoT connections, significantly increasing the potential points of entry for attackers. This means micro-attacks on thousands of small devices could aggregate into larger attacks targeting sensitive systems. Best practice here is to use slice isolation to prevent unauthorized access and data breaches. And of course, strong authentication and encryption, using the principles of Zero Tolerance, will make sure your IoT device fleet stays safe while using 5G.
New Wi-Fi standards and IoT | Faster connectivity, greater risks
The advent of Wi-Fi 6 (802.11ax) and the upcoming Wi-Fi 7 (802.11be) will provide significant improvements in speed, efficiency and device density for IoT environments. These standards will be critical for supporting Smart Cities, connected healthcare assets and other bandwidth-intensive IoT applications. However, the security concerns associated with these new standards remain underrated. What is not widely known is that Wi-Fi 6’s focus on efficiency brings new vulnerabilities. Wi-Fi 6’s improved ability to handle multiple devices on the same network could lead to denial of service (DoS) attacks, where a flood of low-level IoT assets could overwhelm the network’s capacity. Wi-Fi 6 also increases traffic complexity: Wi-Fi 6 and future standards will facilitate multi-device mesh networks. This inter-device communication can become a weak point if an attacker compromises a single device and uses it to propagate malicious traffic to other IoT assets, infecting the complete IoT ecosystem. Needless to say, organizations need to harden their Wi-Fi networks. Ensure that secure device onboarding is in place. The recommendation is also to monitor traffic not only at device level but also between IoT devices, to detect lateral movement or other anomalies (i.e. propagation attacks).
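The device-to-device monitoring recommended above can be illustrated with a small detector; this is an added sketch, not part of the original article. It assumes a dedicated IoT subnet (`10.20.0.0/24`), flow records shaped as `(epoch_seconds, src_ip, dst_ip, dst_port)`, and hypothetical threshold values, and it flags any IoT device that contacts more distinct IoT peers within a short window than the threshold allows.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions for this sketch: IoT devices live in one dedicated subnet and
# flow records arrive as (epoch_seconds, src_ip, dst_ip, dst_port) tuples.
IOT_NET = ip_network("10.20.0.0/24")
WINDOW_S = 60        # sliding window length in seconds
MAX_PEERS = 3        # distinct IoT peers one device may contact per window

def is_iot(ip):
    return ip_address(ip) in IOT_NET

def detect_fanout(flows, window_s=WINDOW_S, max_peers=MAX_PEERS):
    """Map src_ip -> first alert time for devices exceeding max_peers in a window."""
    recent = defaultdict(list)   # src -> [(ts, dst)] still inside the window
    alerts = {}
    for ts, src, dst, _port in sorted(flows):
        # Only device-to-device (east-west) traffic inside the IoT segment.
        if not (is_iot(src) and is_iot(dst)) or src == dst:
            continue
        window = [(t, d) for t, d in recent[src] if ts - t < window_s]
        window.append((ts, dst))
        recent[src] = window
        peers = {d for _, d in window}
        if len(peers) > max_peers and src not in alerts:
            alerts[src] = ts
    return alerts

# Constructed sample flows (not real telemetry).
SAMPLE_FLOWS = [
    # A sensor reporting to its gateway outside the IoT subnet: ignored.
    (1000, "10.20.0.11", "10.0.0.5", 8883),
    # A camera talking to a single peer repeatedly: below the threshold.
    (1005, "10.20.0.12", "10.20.0.13", 554),
    (1020, "10.20.0.12", "10.20.0.13", 554),
    # One device reaching many peers on the same port within a minute.
    (1100, "10.20.0.40", "10.20.0.11", 23),
    (1104, "10.20.0.40", "10.20.0.12", 23),
    (1109, "10.20.0.40", "10.20.0.13", 23),
    (1113, "10.20.0.40", "10.20.0.14", 23),
    # Many peers spread over hours: no alert with a 60-second window.
    (2000, "10.20.0.50", "10.20.0.11", 80),
    (5000, "10.20.0.50", "10.20.0.12", 80),
    (8000, "10.20.0.50", "10.20.0.13", 80),
    (11000, "10.20.0.50", "10.20.0.14", 80),
]

if __name__ == "__main__":
    for src, ts in detect_fanout(SAMPLE_FLOWS).items():
        print(f"ALERT t={ts} {src} contacted >{MAX_PEERS} IoT peers in {WINDOW_S}s")
```

The last group of sample flows shows the limit of a single short window: slow propagation only surfaces when the same check is also run with a much longer window.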
The Supply Chain Risk nobody is watching
IoT devices depend on a vast and often non-transparent supply chain, with components sourced globally. This creates a unique risk: the integrity of these devices could be compromised long before they reach the consumer or enterprise. Hardware Trojans, counterfeit components or backdoors introduced during manufacturing can create vulnerabilities that are nearly impossible to detect once the devices are deployed. You seldom hear about hardware-level attacks, which are very hard to detect. Cyber criminals can introduce malicious code or backdoors at the chip level, making them undetectable by conventional software-based security solutions. These compromised components can later be exploited to attack the devices. Another danger is dependency on untrusted suppliers. Many IoT devices, especially low-cost consumer devices, use components from suppliers with poor security practices. This creates a hidden risk for organizations relying on these devices. The general advice here is to demand supply chain transparency. Only work with IoT manufacturers that offer supply chain transparency and ensure that components are sourced from trusted, secure suppliers. Luckily, we see many mandatory regulations requiring a secure supply chain ecosystem (CRA, NIS2, etc.).
The threat is real, but so is the solution!
Employee education is a vital line of defense in today’s evolving cyber security landscape. Cyber awareness training must be continuously updated to reflect modern threats, such as sophisticated social engineering tactics, AI-driven attacks and advanced malware. It is an ongoing process. Cyber criminals are increasingly leveraging these cutting-edge techniques to bypass traditional security measures, making employees the first and often the last line of defense. Training should go beyond basic phishing detection, incorporating scenarios that expose workers to the complexities of AI-generated phishing emails, deepfake attacks, and malware designed to evade detection. By educating employees on the latest threats and providing hands-on training to recognize and respond to suspicious activity, organizations can significantly reduce the risk of breaches. Modernizing cyber awareness training ensures employees are equipped to handle these emerging threats, making them an active part of the security infrastructure rather than a vulnerability. Cyber security is no longer just about defending against known threats; it’s about anticipating the next wave of attacks and being prepared to respond. This October, make cyber security awareness a year-round priority by staying ahead of the curve with proactive, innovative defenses.