Did you know that the first IoT murder was supposed to happen in 2014? Don't believe me, check out: First IoT-mediated murder could occur in 2014, experts warn http://www.itpro.co.uk/hacking/23242/first-iot-mediated-murder-could-occur-in-2014-experts-warn.

Security is a very important part of IoT, be it as simple as stealing data or monitoring your door sensor to know when you have left your home or spoofing a data record to indicate an unwanted event to create havoc. Security is essential.

Now we need to invest in a firewall for our toaster.

IoT devices are being used to perform DDoS attacks on other entities. Stealing data from a sensor is one thing, but reprogramming/hacking a smart device to think it is something else is a new level of disaster.

On Friday October 21, 2016 there was a Distributed Denial of Service (DDoS) attack that took place on a DNS provider named Dyn, bringing down major websites such as Etsy, GitHub, Netflix, Twitter, and Spotify.

This was a Mirai bot attack (https://www.corero.com/resources/ddos-attack-types/mirai-botnet-ddos-attack.html). All this malware does is convert devices running Linux into remotely controlled Bots that can be used as part of the botnet for performing large-scale network attacks.

Old router and IP cameras were the major source of devices that were used in the attack that brought down part of the USA.

You can read more about the attack from Dyn here: https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/.

This is just one of a few attacks that have happened in the recent past. You can find plenty more on the internet.

The new trend in IoT hacking is ransomware. Hackers get into IoT systems or software and block it or disrupt it. In order for the device or the system to work properly again, the owners need to pay a ransom (mostly through cryptocurrency such as Bitcoin).

Imagine a world where your coffee machine blackmails you into paying money or it will brew only decaf.

In this time and age, what is the best way to be secure? Just turn things off?

Jokes aside, this is a pretty serious issue. Do remember that systems are built to be hacked. So, what might seem a security solution today may be a new attack name tomorrow.

In the world of IoT, our primary goal is to keep data safe and the secondary goal is to keep our devices and servers updated.

For data communication security, we can use a standard such as X.509, where we encrypt the transported data using public/private keys. If needed, the data that is being transmitted can be scrambled and encrypted.

All of the data stored in databases needs to be encrypted. This definitely causes overhead but will save us from attacks.

Check out this article on how MongoDB databases were attacked and how ransoms were required to get them back: https://www.networkworld.com/article/3157766/linux/mongodb-ransomware-attacks-and-lessons-learned.html.

In the next section, we will start looking at the two types of IoT stacks that the world is moving towards: cloud computing and fog computing.