LIVE FROM GSMA M360 MOBILE SECURITY AND INDUSTRIES, LONDON: Rasma Araby, MD at information security company atsec (pictured, right), blamed outdated software, poor data protection and password misconfiguration for continued rises in IoT-related attacks.

Araby estimated more than 115 million devices globally were affected in 2022, with connected homes and buildings the most common target.

“By 2027, there will be 29 billion IoT devices, doubling the number of devices we have today,” she said, adding there is a lack of global or universal requirements for connected devices.

“We see it as a big challenge right now. IoT products are global products and manufacturers need to comply with different requirements in different countries, they cannot go in all directions.”

Meanwhile, Matt Lewis, research director at security services provider NCC Group, called for a shift in perspective regarding IoT attacks.

“So far, regulations are focused on devices, but we need to think beyond the products themselves and look at how they communicate with each other.”

Particularly, he warned about the harm caused by fake smart home devices and the lack of regulatory measures in the market around an issue he said exposes users to vulnerabilities and increases the risk of sensitive data being stolen.