IoT botnets present unmanageable cyber security risk: Juniper Research

The scale of embedded connectivity could lead to an unmanageable cyber security risk created by botnets, Juniper Research Limited cautioned Monday in releasing data indicating the consumer Internet of Things (IoT) installed base will reach 15 billion-plus units by 2021.

The 15 billion consumer IoT connections represents a 120% increase over 2016, notes a statement Monday from Juniper Research, a U.K.-based company that provides research and analytical services to the global hi-tech communications sector.

Related: Insurtech platform revenues to approach US$235 billion by 2021, driven by machine learning and blockchain adoption: report

“Embedded connectivity is increasingly being used as a product differentiator,” the company reports. “The vast scale of this connectivity will, unless action is taken, lead to an unmanageable cyber security risk created by botnets in excess of 1 million units,” the company concludes in its latest whitepaper, Internet of Things for Security Providers: Opportunities, Strategies, & Market Leaders 2016-2021.

The research found that using botnets to disrupt Internet services will form part of the near-term threat landscape.

“Recent IoT botnets will prove merely to be the tip of the cyber security iceberg. Botnets were uncovered as a key factor in the largest DDoS (distributed denial-of-service) attack ever recorded last year,” the company explains.

Related: IoT poses one of insurance industry’s biggest underwriting challenges: Rosenbaum

The expectation is that “botnets will be used for more malicious purposes in future, impacting consumer, industrial and public services markets,” Juniper Research adds.

“In the medium-term, botnets will be used far more creatively – not only to disrupt services, but also to create a distraction enabling multi-pronged attacks aimed at data theft or physical asset disruption,” Steffen Sorrell, author of the research, maintains in the company statement.

Concluding the market is wide open for challenger cyber security vendors, the prediction is “the industry will be forced to move beyond traditional signature-based detection methods in the near-term in order to address IoT cybersecurity effectively.”

IoT device manufacturers would be well-advised to “take responsibility” by implementing security-by-design.

As well, corporate-scale vendors such as Amazon, Google and Samsung should lead efforts to galvanize other vendors to apply security best-practices, the company adds.

Related: Worldwide IoT security spending to reach US$348 million in 2016, up 23.7% from 2015: Gartner