Skip to content

Yes! One vulnerable smart camera can wreck havoc across the entire smart home

The topic of securing consumer IoT devices has been on the wider industry’s mind for a while but has recently gained mainstream attention; in part due to the recent spate of high profile & publicized attacks


1. Threats to Consumer IoT are real… and rising

Once thought to have been confined within industrial / enterprise domain, everyday consumer Smart Home / IoT devices are increasingly becoming the targets of large scale threats such as DDoS attacks, viruses, malwares, spywares, trojan, ransomware and other privacy & security breaches

The growing consumer awareness of IoT threats can be traced to the increasing number of malicious attacks on (now) everyday connected home devices in recent times; most notably from last year’s large scale Mirai attack

These privacy & security concerns only compound as IoT devices increasingly enter to perform more sensitive & personal tasks in our lives (think: home security monitoring, baby monitoring, door locks, etc.)

And… it could take just one vulnerable (interconnected) IoT device to wreck havoc across the smart home network

Continuous (preventable) attacks may impair long term consumer confidence

Various research firms ‘predict’ billions of connected IoT device ownership within the next decade… but only if consumers’ confidence in IoT holds up!

Interoperability issues aside; the rising spate of attacks on everyday connected devices (IP cameras, baby monitors, et al.) alone is leaving consumers warier

Gaining consumers’ confidence would be an uphill battle when the very smart home security camera designed to keep them safe is hacked to broadcast their private lives[LIVE] to the world or their smart door lock has been unlocked remotely to allow access to intruders


2. Industry mainstays & start-ups alike finding an opportunity in neutralizing IoT threats

There are 4 key nodes at which the IoT ecosystem can be secured against potential attacks, exploits & privacy intrusions – namely —- Hardware / Terminal devices — Software / Apps / content layer — Cloud infrastructure — and Network (WiFi, cellular, fixed, etc.) — with various security measures (think: encryption, cryptographic keys, biometric authentication, secure enclave, brute audits, etc.)we shall dwell deeper into each of these nodes in future posts

Myriad of value chain players; from industry mainstays through to start-ups are discovering ancillary revenue opportunities in addressing various types of consumer IoT threats

One emerging solution to secure IoT @ Home

Most IoT hardware manufactures aren’t security experts

…some may even knowingly skip advanced security measures to reduce build costs & gain a price advantage (volumes game)either wayshardware / terminal device security has a long way to go

One other (local) node-point…

…that has been gaining prominence has been the home-network gateway itself and traditional security vendors such as Symantec & Bitdefender have been unveiling their consumer IoT security solutions recently

Acting as data guardians…

…these ‘IoT security hubs / routers’ sit guard between the plethora of home connected devices and the ‘outside world’ they communicate with; claiming to scan every transmitted data packet for any malicious code

Industry mainstays…

…such as Symantec (maker of Norton security products) for example has begun taking pre-orders for it’s network security hub that specialized in identifying threats flowing between all home connected devices (particularly IoT terminal devices) and the wider network

Even start-ups…

…such as Cujo & Dojo are getting into the Home IoT security bandwagon with their respective hardware & accompanying services

Machine Learning & AI…

…will take front seats in predicting & neutralizing any potential threats before they occur and are being actively integrated by most of the aforementioned providers in their respective propositions


3. Security-as-a-service joins the subscription club

IoT Security-as-a-service offerings could range from outright security hardware sale through to a one-time security monitoring fee… but it is the (recurring revenue) subscription model that would emerge as the mainstay of the industry

According to Markets & Markets research; the wider IoT security market is expected to grow at a CAGR of 34% into a $29B business by 2022

The primary value proposition offered by IoT-security service providers is their ability to continuously monitor, predict & neutralize any threats in real time

…for which; the most suited (& lucrative) model is the subscription model with potentially perpetual revenue opportunity to the service provider

For example in the case of Norton Core security hub – the value add provided by the $9.99/mo.subscription is live-monitoring of threats by an “actual team of security experts” who push security patches to the device in real-time

Expect many more such subscription-based services from other value chain players to pop up in the near future


So…

As the broader consumer IoT / Smart Home segment itself proliferates; malicious attacks & privacy intrusions are only expected to grow & evolve at a rapid pace

Every IoT value chain player; from hardware vendors through to wireless carriers, software developers & even service providers are taking consumer IoT security seriously and responding with their own version of solutions to counter threats

Standalone IoT devices that are designed with security-first features & include some sort of ongoing security support would uniquely position the manufacturer’s value-proposition in a crowded market

In an ideal world, every single IoT value chain provider would adopt a single set of IoT security protocols for their hardware, software & services… but until that ideal time of universal interoperability arrives…

…expect integrated solution providers who offer a unified smart solution (devices + services + end-2-end security) along with frictionless ‘out-of-the-box’ consumer experience to emerge as front runners in the consumer IoT race

IoT Security could become a unique ‘brand label / exercise’ (think: organic / sugar-free / fat free in the grocery world) that manufacturers / service providers could capitalize on to further distinguish their ‘products on shelves’ & increase consumer interest / attention

In the forthcoming post, we shall explore other facets within the broader IoT security topic; including security pertaining to the backbone of IoT – Networks & the role Wireless Carriers play in securing cellular-based IoT solutions

Stay tuned!