As the number of IoT devices grows, so do potential security breaches. Current IoT technologies lack security protocols necessary to protect the data they collect and can often be hacked via Distributed Denial-of-Service attacks (DDoS). That is, smart homes, smart cars, smartphones, and watches utilize IoT technology, yet most of these devices can be hacked and taken advantage of in a matter of minutes.
It is obvious that efficient IoT security measures are missing today, but what about tomorrow? The solution to this IoT problem comes in the form of blockchain. It’s currently being researched by multiple industries to enhance their operations.
IoT is Already Flawed
IoT grows in popularity with each passing year. According to Statista, there will be over 60 billion IoT devices by 2025. To ensure adequate IoT security if a new form of ransomware or malware is developed, companies marketing IoT products will need to provide up-to-date security protocols to every device, whether it be new or old.
However, companies often tend to neglect the security systems of old devices. Once the newer versions of these devices are released, the old ones become no longer profitable enough to maintain.
Other factors making IoT flawed include organizations’ weak cybersecurity policies and users’ negligence. This can make a variety of IoT devices vulnerable to hacker attacks. Let’s take a look at some of the major hacks that have already occurred.
Andrew Auernheimer’s Printer Experiment
In March 2016 thousands of printers from businesses and colleges throughout the US began spontaneously printing anti-semitic flyers. Andrew Auernheimer, an alt-right self-proclaimed “hacktivist,” claimed responsibility for the attack in a blog post saying that the attack was “a lesson in how positively hilarious the IoT will be in the future.”
One man was able to spread hate speech across the nation in a matter of minutes thanks to IoT vulnerabilities. But Auernheimer’s attack is just one of the many successful IoT hacks occurred over the past few years.
Wired’s Jeep Cherokee IoT Disaster
In 2015, Charlie Miller and Chris Valasek conducted a demonstration showing just how dangerous neglecting IoT security could be. In a video by Wired, the two were able to take control of the various components of a 2014 Jeep Cherokee, including the car’s stereo system, windshield wipers, fans, brakes, and accelerator.
During the demonstration, the two hackers also cut the vehicle’s engine while it was driving on a highway, prompting the driver to pull over to the side and restart the vehicle to gain control again. The video of the demonstration can be viewed here.
2016’s Mirai Botnet Attack on Dyn
By infecting various IoT devices, including cameras and baby monitors with malware, a group of hackers was able to bring down over fifty websites operated by the Domain Name System (DNS) company Dyn now acquired by Oracle.
The websites included Netflix, Amazon, The New York Times, Walgreens, Starbucks, Electronic Arts, and those of various other high-profile companies.
The attack was possible because those IoT devices used default credentials upon being shipped to retailers, eventually ending up in consumers’ hands. The Mirai botnet attack was one of the biggest in history and ultimately affected millions of people throughout North America and Europe.
Bring in the Blockchain
Blockchain offers a variety of security advantages that many IoT devices are currently lacking. But first, why are IoT devices so vulnerable to attacks? This is due to a variety of issues:
Issue 2. Single point of failure. Being centralized, these systems provide a single point of failure and often result in data breaches.
Issue 3. Costs. Another problem with current IoT security practices is that they can be extremely costly to manage. Maintaining massive databases requires large server farms and network equipment, which in turn requires high computing power.
Issue 4. Miniaturization. Many IoT devices are made rather small to be more user-friendly and convenient — think of a smartwatch or a thermosensor. Due to this, however, they often lack memory as well as proper processing power, which makes it challenging to ensure the appropriate security level for the data these devices track.
Issue 5. Limited user control. Interaction with these devices are often somewhat limited; therefore users might be unaware if their device has been accessed from an outside source. Meanwhile, these devices might track health, financial data, and other potentially useful personal details for cybercriminals. This signifies the need for greater security measures implemented into IoT devices.
First, it builds trust. Blockchain relies on a distributed ledger which can only be altered through a consensus of the majority of those on the chain. Therefore, if IoT device data is attempted to be changed or if there is any trace of an intruder hacking into the chain, such actions will be immediately detected.
The second perk of blockchain technology is that it reduces the cost associated with current cloud-based systems that will eventually become obsolete as IoT devices continue to increase in the future.
Updates to the security protocols of existing IoT devices can be performed through smart contracts. Smart contracts are automated tasks that operate on the ‘if this then that’ formula.
In essence, companies can build security protocols and then upload them to devices when a certain condition is met, whether that be updates to current systems or after an initially specified amount of time.
Another perk of blockchain technology is its ability to accelerate transactions, or information exchange. Since blockchains rely on distributed ledgers which are shared between nodes in the chain, information can be shared quicker. The data can be viewed by all parties on the chain, with specific information being shared through private chains if needed.
Blockchains also provide a solution for a single point of failure. Current systems rely on clouds which are usually maintained through a single physical data silo and held on the cloud provider’s premises. This is how an attack on this silo can affect all the systems hosted in the cloud.
As blockchain-stored information is shared between nodes, it makes a single point of failure impossible. So if one node is attacked, a system will continue to operate as the security protocols and general functions are distributed across the chain.
You may also like:
Learn how blockchain benefits from IoT
Blockchain is not Fool-proof
Although blockchain might seem like the perfect solution, it also faces a variety of problems.
The first problem with blockchain is that it is still nascent. Not enough research has been conducted for it to be adopted on a wide scale.
At the moment, the main entities benefiting from blockchain are large corporations such as Google, IBM, Intel, and Facebook. Blockchain research and development can be extremely expensive. At the moment, only large companies can afford it.
There are also issues associated with scalability as mostly each IoT device will be a node on the blockchain.
Say, Apple uses blockchain technology for their IoT devices. According to estimates, nearly 33 million iWatches have been sold thus far. That means a total of 33 million different nodes on the blockchain all uploading information to the chain simultaneously.
Multiple reports prove in theory that blockchain can be used to provide greater security to IoT networks. A report distributed by Kaleido Insights titled “The Internet of Trusted Things” gives use cases in which blockchain can be used to increase interaction, identity, and transaction security in IoT devices.
Building Blockchain for Tomorrow’s IoT
Each day brings a new use case, and new security measures need to be introduced for them to ensure breach-proof performance. Although blockchain is not a perfect system, it may be the only technology capable of providing such fail-free IoT security.