Assessment of Security Threats on IoT Based Applications: Cyber Security Case Study in Cloud-Based IoT Environment Using the Example of Developing Cloud Information Security Technology in Banking

Abstract

The main objective of this master’s thesis is to emphasise on internet cyber security viewpoint on the appliances and the environment of the internet of things (IoT). In recent studies, there has been an exponential rise in the number of IoT devices and the usage rate of these devices is frequent because they are used in everyday life. Hence, the need to secure these IoT devices is becoming more and more crucial. The specified research methodology was sub-divided into two main parts. The first part of the research was about investigating and studying the environment and the IoT architectural viewpoint. Also, what is currently available in the market, the different types of IoT appliances commonly utilised, and their purpose. This part also clearly emphasises the basic rules used to protect devices in such an environment against the most common forms of cyber-attacks. Study Design. The study adopted a mixed-method research design utilising case study and pragmatic philosophical reasoning, the exploratory approach was deemed appropriate because it enabled the research to be conducted by emphasising various aspects of the case under review. The study found out that the common vulnerabilities on IoT are malware, outdated software, weak passwords, storing data in clear texts. The vulnerabilities are exploited by cyber attackers to cause a denial of service and other forms of attacks that have caused millions of losses in the banking industry. Improved technology has also lead to increased cyber security risks in the banking industry. Therefore, the banking industry needs to take much care in regards to this and prevent cyber-attack directed to them as high as possible by being on guard always. To overcome the vulnerabilities counter measures must be put in place. Some of the counter measures are regular software updates, installation, and constant checks using antiviruses. Developing automated patching software to mitigate the vulnerabilities.