The Increasing Growth in IoT Digital Forensic Investigations

The existing lack of skilled professionals and worldwide deficit of cybersecurity resources in a tech-driven society will surprise CISOs and cybersecurity experts when the subsequent generation of cybersecurity achieves its maximum capability. Not too long ago I remember the first malware infected smart TV, then two white hat hackers made waves when they pulled off a remote hack of a car on the highway, turning on the wipers, blasting the radio, and finally, killing the engine to bring the vehicle to a complete stop. With an estimated 20 billion IoT devices globally and with an average of 70% unsecured IoT devices it is not surprised to see the increase in digital forensic analysis done on compromised devices.

IoT, short for Internet of Things, is just a fancy term for smart devices that can connect to the Internet. These devices can be baby monitors, vehicles, network routers, agricultural devices, medical devices, environmental monitoring devices, home appliances, DVRs, CC cameras, headset, or smoke detectors and my Garmin watch.

Critical Infrastructure will be main targets and ransom demands will increase, as cyberattacks rise, they will turn “uninsurable.” This will no longer be a data privacy concern but rather reputational harm, critical service interruptions, and even fatalities.
 
In light of the increasing cyberattack threats in the past year, businesses must revamp their cybersecurity methods in the IoT sector as AI introduces unparalleled weaknesses. “Although IT hardware and software security has improved significantly in recent years, IoT security has lagged behind,” We have witnessed extensive attacks utilizing IoT, such as IoT botnets; I recall the 1Tb DDOS Mirai malware attack leveraging IoT devices.
 
Throughout the years, we have evolved from computer forensics, then transitioned to mobile devices, and now include smartwatches, drones, and vehicles parked in the parking lot.

In the realm of security, weaknesses frequently exist at the crossroads of the physical and digital realms. Threat actors excel at taking advantage of the most vulnerable point in the security chain, and grasping this is essential for developing a strong security defense strategy that covers all weaknesses – whether physical or digital. The link between the two is increasingly difficult to ignore. More than often, we are seeing a lack of security alignment between the digital and physical world.

In most of our forensic analysis on IoT exploits we are seeing less security harden on the manufacturing hardware layer than before, this mainly due to mass production and quick to market strategies. The older Chip sets used in the design has never taken security into consideration.
The use of SDR and IR technologies are part of exploiters toolbox, better know as the pocket hacker. Hope you prepared for the generation of cyber henchmen.