Articles Data Breaches and Identity Theft | Page 5

68 M. Abomhara and G. M. Køien
entities is made possible by hardware components called devices [12] such as
mobile phones, sensors, actuators or RFID tags, which allow the entities to
connect to the digital world [15].
In the current state of technology, Machine-to-Machine (M2M) is the
most popular application form of IoT. M2M is now widely employed in
power, transportation, retail, public service management, health, water, oil
and other industries to monitor and control the user, machinery and production
processes in the global industry and so on [5, 16, 17]. According to estimates
M2M applications will reach 12 billion connections by 2020 and generate
approximately 714 billion euros in revenues [2].
Besides all the IoT application benefits, several security threats are
observed [17–19]. The connected devices or machines are extremely valuable
to cyber-attackers for several reasons:
1. Most IoT devices operate unattended by humans, thus it is easy for an
attacker to physically gain access to them.
2. Most IoT components communicate over wireless networks where an
attacker could obtain confidential information by eavesdropping.
3. Most IoT components cannot support complex security schemes due to
low power and computing resource capabilities.
In addition, cyber threats could be launched against any IoT assets
and facilities, potentially causing damage or disabling system operation,
endangering the general populace or causing severe economic damage to
owners and users [20, 21]. Examples include attacks on home automation
systems and taking control of heating systems, air conditioning, lighting
and physical security systems. The information collected from sensors
embedded in heating or lighting systems could inform the intruder when
somebody is at home or out. Among other things, cyber-attacks could be
launched against any public infrastructure like utility systems (power sys-
tems or water treatment plants) [22] to stop water or electricity supply to
inhabitants.
Security and privacy issues are a growing concern for users and suppliers
in their shift towards the IoT [23]. It is certainly easy to imagine the amount
of damage caused if any connected devices were attacked or corrupted.
It is well-recognized that adopting any IoT technology within our homes,
work, or business environments opens doors to new security problems. Users
and suppliers must consider and be cautious with such security and privacy
concerns.