How IoT Vanity Projects Leave You Vulnerable to Botnet Attacks

Posted on March 31, 2017 by City A.M.:

Earlier this year an American university noticed its internet was faltering, and essentially unusable.

Further inspection revealed that its IT system had been taken over by an army of connected drinks machines, hijacking and throttling the connection, sent on a rampage to overwhelm the network with hundreds of requests for seafood.

Thankfully, for both the students and the crabs, a heroic IT professional was able to diffuse the situation before the likes of Jack Bauer had to be called in. However, the case is another reminder of the havoc poorly planned Internet of Things (IoT) initiatives can cause within organisations.

Before you leap

There has been a boom in IoT that will not wane. A predicted 21bn connected devices will be online by the year 2020 – a threefold increase on 2016. But just because a device can be connected does not mean that it should be.

Often, companies run before they can walk, implementing IoT projects with no real business objective, which leaves them open to greater cyber risk. Not fully understanding the business outcome or the critical underlying IoT infrastructure can lead to a fragmented solution that may not be secure, sustainable or scalable.

To connect, or not to connect?

Each IoT device is a potential entry point into the network, which means that IoT can't be just a vanity project. Businesses need to be clear about the value of the data they are collecting. It's not just about sticking a microchip in a fridge; but a coffee shop chain can define clear value in connecting their fridges to an analytics programme which maintains optimum temperature and keeps a panini at its best. Armed with a clear goal and an analytics function to match, any business can sidestep vanity and achieve standout results.