There are a large number IoT security breaches, some examples include:
- A malicious computer worm responsible for causing substantial damage to Iran’s nuclear project by targeting PLCs responsible for extracting nuclear material.
- Malware developed to attack Linux based devices connected to a network and turn them into remotely controlled bots.
- IoT hacking demonstration on connected cars.
- WiFi connected devices allowing the attacker to exploit the vulnerabilities of the users.
For more info on IoT security breaches read here.
Among other considerable consequences, unsecured IIoT systems can lead to operational disruption and monetary loss. The state of the current industry is such that IoT providers are focused on developing their solutions and rely on the network to provide cyber protection. However, the network is not designed to provide cyber protection in the granularity and protection level required to protect IoT devices.
This alarming situation has recently led the state of California to regulate the cyber protection of IoT devices:
“effective on January 1, 2020. The California IoT law requires manufacturers of connected devices to equip the device with a reasonable security feature or features that are all of the following: appropriate to the nature and function of the device; appropriate to the information the device may collect, contain, or transmit; and,designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure.”
Read more here on the new regulation.