Securely Enabling Our
Future—A Conversation on
Upcoming Attack Vectors
We’ve seen a whole range of new attack vectors and threat agents come into the
technology landscape since the dawn of the Internet. Many of the threats have evolved in a
fairly predictable way. But because the world around us has come to rely upon interconnected
devices at an ever-increasing rate, it’s important for us to ponder the threats to our future.
So far, we have taken a look at vulnerabilities and security principles pertaining to specific
devices. We’ve learned a lot about the state of security in IoT devices already in the consumer
market. We know the things we are doing wrong today that we need to improve upon to
securely enable the devices of the future.
Based on our knowledge of the evolving threat landscape as well as vulnerabilities that
have plagued and continue to plague our computing systems and IoT devices, we stand on
good ground to be able to predict scenarios that may come to pass. As the use cases served by
IoT products evolve, new attack vectors will emerge. In this chapter, we will predict some
plausible scenarios of attacks based upon our understanding of how IoT devices will serve our
needs in the future.
The Thingbots Have Arrived
Botnets consist of groups of workstations and laptops that have been compromised and are
controlled by the botnet owner. Most often the devices are infected by malware sent to the vic-
tim via email, by using a phishing website, or by software worms that exploit a vulnerability. A
single botnet can comprise thousands of devices, giving the botnet owner tremendous power
to launch denial of service attacks on other networks by directing traffic from infected
231CHAPTER 8