IoT Devices Vulnerabilities: Expert harps on prevention, gives tips

A tech expert and Co-founder of Eybrids, Ahmed Olabisi Olajide has stressed the need for individuals, corporate organisations and businesses to do everything, within their means, to prevent their Internet of Things (IoT) devices from cyber attacks, so as to save them the huge costs they are likely to incur from such attacks.

Olabisi, in a paper, titled: “Top Vulnerabilities in IoT Devices: What Hackers Target and How to Defend Against Them”, argued that the advent of IoT has revolutionized the way individuals and corporate organisations interact with technology, and seamlessly integrate smart devices into their daily routines.

From smart thermostats and wearable fitness trackers to home security cameras and voice assistants, he stated, IoT devices offer unparalleled convenience and connectivity.

He, however, argued that despite the ‘unparalleled convenience and connectivity’ it offers, such connectivity also presents significant security challenges; noting that as more devices become interconnected, a broader attack surface for cyber-criminals is created.

According to him, IoT devices, such as smart thermostats and security cameras, to advanced wearable technology such as fitness trackers and smartwatches, play a crucial role in both personal and professional settings; since they streamline everyday tasks, improve efficiency, and provide valuable insights through data collection and analysis.

“ In personal settings, IoT devices contribute to home automation, energy management, and health monitoring. Professionally, they facilitate enhanced operational efficiency, predictive maintenance, and smarter decision-making. The pervasive adoption of IoT technology is reshaping industries by offering innovative solutions and creating new opportunities for businesses and individuals alike,” he stated.

The Eybrids boss however noted that as the influence of these devices grows, addressing the associated security challenges has become increasingly essential to ensure their benefits are fully realized without compromising safety.

He identified weak or default passwords, insufficient data encryption, insecure communication protocols and outdated firmware, among others, as some of the common vulnerabilities in IoT devices that allow attackers easily have unauthorized access to the network such devices are connected to.

For instance, many IoT devices, Olabisi noted, come with weak or default passwords, such as “admin” or “123456,” which are rarely changed by users, a vulnerability that allows attackers to easily gain unauthorized access, thereby compromising the device and potentially the entire network it is connected to.

He, therefore, warned of the significant and far-reaching consequences exploitation of IoT vulnerabilities can have on the victims.

“One major method attackers use is the creation of botnets, which are networks of compromised devices controlled remotely by cybercriminals. By exploiting vulnerabilities in IoT devices, such as weak passwords or outdated firmware, attackers can hijack these devices and enlist them into a botnet. Once in control, the botnet can be used to launch distributed denial-of-service (DDoS) attacks, overwhelming targeted websites or online services with traffic and causing them to become inaccessible,” he stated.

Olabisi believed that such attacks can disrupt business operations, damage reputations, and incur substantial financial losses.

He also identified data theft and privacy breaches as another critical risk; since many IoT devices collect and transmit sensitive personal or business data, including health metrics, financial information, or proprietary business information.

“When these devices lack proper encryption or have insecure communication protocols, attackers can intercept and access this data,” he added.

The Eybrids boss therefore called for a proactive and multi-layered approach at ensuring the security and integrity of connected devices are preserved, insisting that implementing strong security practices can significantly mitigate the risks associated with IoT devices.

Some of the security approaches, he stated, include: Change of Default Passwords, Implementation of strong Encryption; Regular Software Updates and Patches; Secure Communication Protocols; and Device and Network Segmentation; among others.