Fortinet warns CIOs in Malaysia that ‘headless’ devices proliferated by Internet of Things (IoT) present one of the biggest cyber security risks for organisations. Industry experts estimate that as many as 50 billion of such devices will be deployed and connected online by 2020. These devices are expected to generate unprecedented amounts of traffic and data, taxing already saturated access points, networks, data centers and overwhelm the IT department.
IoT devices which are most at risk include infusion pumps or heart monitors used in hospitals, critical infrastructure devices, traffic control or irrigation systems, and inventory control devices to help track and manage supply chains.
“IoT devices are subjected to a wide variety of attacks. These include targeted code injection, physically altering firmware, man in the middle attacks, remotely controlling devices to alter or disable their functionality, spoofing IoT devices, or simply hiding malware in the volume of IoT data,” said Eric Chan, Fortinet’s Solution Consulting Director, Southeast Asia and Hong Kong.
Chan also explained that IoT-enabled devices are often headless, which means their installed monitoring and communications software does not have any sort of user interface. This means you can’t install a security client on these devices or in many cases, even push bulk security updates to their firmware.
“The growth of IoT devices and traffic represents both an opportunity and a threat to today’s digital businesses. Fortinet’s new FortiAP-U series wireless access points provide real time security inspection, unlock advanced internal segmentation strategies that are critical to defend against IoT threats, and allow devices to share threat intelligence across the Security Fabric in order to better monitor and respond to compromised devices,” added Chan.