The Rise of Machine-to-Machine (M2M) Attacks in 2016. Machine to machine (M2M) is a broad label that can be used to describe any technology that enables networked devices to exchange information and perform actions without the manual assistance of humans. M2M communication is often used for remote monitoring. In product restocking, for example, a vending machine can message the distributor when a particular item is running low. M2M communication is an important aspect of warehouse management, remote control, robotics, traffic control, logistic services, supply chain management, fleet management and telemedicine. It forms the basis for a concept known as the Internet of Things (IoT).
The Rise of Machine-to-Machine Attacks
Research company Gartner predicts there will be 6.8 billion connected devices in use in 2016, a 30 percent increase over 2015. By 2020, that number will jump to more than 20 billion connected devices, predicts Gartner. Put another way, for every human being on the planet, there will be between two and three connected devices (based on current U.N. population projections). The sheer number of connected devices, or the “Internet of Things,” presents an unprecedented opportunity for hackers. “We’re facing a massive problem moving forward for growing attack surface.”
Threat: Machine to Machine Attack 2016
The exponential increase of unmanaged, “headless devices” driven by the Internet of Things will make these types of devices a tempting target for hackers looking to secure a beachhead into more traditional devices and corporate infrastructures. We will see a rise in the number of attacks that exploit flaws in trusted machine to machine (M2M) communication protocols. Gartner predicts that there will be more than 20 billion IoT devices by 2020. That’s a very large playground for attackers, and consumer and corporate information is swimming in that playground. Many consumer connected devices do not prioritize security. As they proliferate, expect the number of attacks to skyrocket. A lot of these products and services, oftentimes security will take a backseat, so it puts a lot of information at risk.
Future Outlook: Exploits and malware will be developed that target trusted communication protocols and APIs: Bluetooth, RFID, NFC, Wi-Fi, Zigbee, etc. Land and Expand Tactics start further away from defensive core as lucrative corporate networks implement better cyber defenses. Hackers will target devices further into their employees’ personal technology ecosystems to establish an initial beachhead. Connected Medical Devices and their host applications are a high-value target as the industry moves to adopt new technologies like medicine pumps, hospital bed sensors, smart blood pressure cuffs and others. Exploits in connected home automation devices like smart TVs, cameras, smart locks, lights, etc. will be used as an entryway into personal data and used as a vector to compromise corporate-issued devices. Home routers and networking continue to be highly targeted by hackers.