Bryan Lillie, chief technology officer, QinetiQ
Bryan Lillie, chief technology officer, QinetiQ

By the end of this decade Internet of Things (IoT) devices will more than likely to outnumber humans. According to a recent study by Gartner, the number of these devices will have surpassed the four billion mark by the end of this year alone. By 2020 the global market for the Internet of Things is predicted to have grown to more than £1.4 trillion.

Such exponential growth has meant that the information superhighway that constitutes digital communications can now be accessed through a plethora of different tools. Increased accessibility has given rise to two major developments; a boost in technology markets around the world and a warping of the cyber-space landscape. From fridges and cars to medical instruments and children's toys, the IoT has brought about an era where almost every technology is being gifted with a connection to the internet, causing this superhighway to expand and become multifaceted.

In comparison to this rapid evolution, security methods have remained relatively stagnant, making cyber-space increasingly difficult to defend. One of the few technologies keeping up with the pace of change in this new era of connectivity is Artificial Intelligence, offering a potential solution to the underlying problem within the IoT sector. This problem revolves around the lack of security built into IoT devices, a problem exacerbated by the sheer volume of them available to consumers. The vast majority have limited capacity and sport low-end processers. Some altogether lack the capability to be extended with security software. When you're competing for space and processing power, security is either a secondary consideration or not considered at all by many manufacturers. This has seen the IoT become a prime target for cyber-attacks and is regularly exploited by cyber-criminals.

Take healthcare. Patient monitoring systems are becoming connected to allow for continuous tracking and potentially, automated care routines. Yet there is proof that these can be hacked through a simple USB drop, providing a route to then infiltrate the wider hospital network. Construction is another industry that is undergoing similar transformations in the digital space as a result of the IoT revolution. Buildings are now becoming incorporated into connected networks thanks to Building Management Systems (BMS) that are being installed within constructions. Called Building Information Modelling (BIM), this new industry is expanding and is seeing technologies placed within constructions to track use across their lifespan and allow for better management of facilities. Infrastructure itself is becoming part of the internet, expanding cyber-space on a grand scale.

Intense growth and little regard for security is proving to be a potent mix that has created an interconnected network with numerous vulnerabilities that stretches across the globe and is allowing compromised IoT devices to frequently become staging posts for more serious hacks in networks. Most recently, IoT devices were used to host malicious lines of code that served as a launching pad for a series of DDoS attacks on popular websites.

Traditional security measures are not always effective in dealing with this rapidly emerging threat. But recent strides in artificial intelligence have the potential to provide a new level of advanced cyber-security that could prove highly effective in contending with the unconventional and dispersive nature of IoT cyber-attacks. Machine learning cyber security programmes can sit within systems, adapting their behaviour based on what they experience within that infrastructure. By studying an organisation's network the programme can determine what characteristics of the environment are abnormal. Systems using machine learning will gather information about the network and connected devices and subsequently seek out anything that is out of the ordinary. They can monitor incoming and outgoing IoT device traffic to create a profile that determines normal behaviour of the IoT ecosystem and react to the slightest irregularities in a way that traditional security software is unable to do. Machine learning developed for this purpose enables a system to detect anomalies and adapt to cyber-attacks it has not recognised before.

In recent years, hackers have been provided with an almost completely unprotected attack vector, thanks to the rapid expansion of the IoT into an increasing number of industries. As a result, cyber-space has evolved and the cyber-security industry must evolve with it in order to defend businesses and homes against these rising threats. Artificial intelligence offers one such solution and may provide the answer the cyber-security industry is looking for. Machine learning technologies have the potential to offer the appropriate defensive needs against a threat that is growing and altering very rapidly.  

Contributed by Bryan Lillie, chief technology officer, QinetiQ