"Yury Dvorkin Provides Analysis on Study that States Consumer Security Savvy is Way Behind IoT Threat Landscape"
The rapid proliferation of consumer and industrial Internet-connected devices has made the cyber threat landscape expand faster than the ability of humans to keep up. Consumers' ability to detect threats and protect against them is lacking. Risks to commerce, as well as public and private infrastructure and systems, arise when consumers are not concerned about safeguarding their web touchpoints. According to Comcast's 2022 Xfinity Cyber Health Report, the average household has 15 connected devices, up 25 percent from 2020, with "power users" having as many as 34. The consequences are not only disastrous for individuals. Yury Dvorkin of Johns Hopkins University's Ralph O'Connor Sustainable Energy Institute (ROSEI), an expert in power infrastructure and cyber-physical resilience, says vulnerabilities at any node, be it a home climate control system, car, or major appliance, can serve as entry points for threat actors. Dvorkin co-authored a study on how Electric Vehicles (EVs) and other high-wattage appliances can be vulnerable to demand-side cyberattacks with grid implications. This is due to the fact that they involve Internet of Things (IoT) communication and control interfaces, as well as connection with smartphone apps. The infamous Mirai botnet Distributed Denial-of-Service (DDoS) attack, which infected over 500,000 IoT devices with factory-set default login credentials in 2016, is considered the poster child for IoT vulnerabilities. The attack on the Dyn Domain Name System (DNS) provider briefly brought down Airbnb, PayPal, and Twitter, costing Dyn around 8 percent of its customers. According to Dvorkin, an attacker can adjust the power consumption of hacked IoT-controlled loads to cause load shedding, diminish security margins, or cause a cascading failure. This article continues to discuss Dvorkin's contribution to the study on consumer security savvy being behind the IoT threat landscape.