The rapid proliferation of Internet of Things (IoT) devices has revolutionized various sectors, but it has also introduced significant cybersecurity threats, leading to several high-profile infrastructure failures that underscore the potential risks to national security and economic stability. For instance, in 2019, a series of distributed denial of service (DDoS) attacks exploited vulnerabilities in IoT devices, causing widespread internet outages and financial losses. Similarly, in 2022, a major cyberattack targeted IoT-enabled smart meters, resulting in incorrect billing and significant financial losses for both consumers and energy providers. These incidents highlight the critical need for robust and cyber-secure IoT modules to prevent such disruptions. However, the proliferation of low-cost IoT modules in the Indian market is often overlooked.
Unreliable Performance and High Long-Term Costs
Low-cost IoT modules often have opaque manufacturing practices, uncertainties in remote access, settings and credentials management and limited ability to monitor behavior and detect attacks, negatively impacting their reliability. They suffer from numerous issues, including malfunctions, security vulnerabilities, inconsistent performance, short lifespan and data inaccuracies. These problems often stem from overheating, frequent breakdowns and unreliable performance, making them unsuitable for critical applications. While initially cheaper, they often lead to higher long-term costs due to frequent replacements and maintenance.
Impact on the Power Sector and Infrastructure
In the power sector, deploying low-cost IoT modules in energy management systems via smart meters can lead to minor but regular failures at the consumer end and loss of revenue for distribution companies (DISCOMs). Such disruptions would not only cause immediate financial losses but also impact the reliability of the system and place a long-term strain on infrastructure due to maintenance issues. While the deployment of smart electric meters would significantly enhance resource planning and reduce aggregate technical and commercial (AT&C) losses for DISCOMs, an infrastructure plagued by regular breakdowns would negate the benefits of adopting newer technology.
At scale, such disruptions would have devastating effects on industries, businesses and households. Low-cost IoT modules in electric smart meters lead to productivity losses, supply chain disruptions and equipment damage. Additionally, frequent failures would erode public trust in the power grid, fueling skepticism about its reliability.
Furthermore, overseas IoT module manufacturers control as much as 90% of the Indian smart devices market. These manufacturers partner with Indian firms to produce IoT devices using imported modules, contributing to the widening trade deficit and potentially compromising cybersecurity due to alleged snooping tactics.
The Path Forward
To mitigate these risks, especially for critical infrastructure, India needs to move away from its L1 (lowest cost) procurement strategy and emphasize hardware security and reliability during procurement by introducing minimum hardware quality standards. For example, the UK has introduced minimum security standards for IoT devices, requiring manufacturers to adhere to specific guidelines to ensure device security and reliability. Similarly, Japan has implemented stringent procurement guidelines that prioritize the quality and security of IoT hardware. These measures ensure that only high-quality IoT modules are deployed in critical infrastructure, reducing the risk of failures and enhancing overall security.
Additionally, India should diversify its supply chains. Adopting globally advanced cybersecurity standards and practices, such as the U.S. Cyber Trust Mark, can help qualify reputable IoT module manufacturers. These measures will also result in Indian IoT devices using imported modules, providing greater access to the global market.
The hidden costs of low-cost IoT modules might appear minuscule initially, but at scale, they prove to be significant and far-reaching. From power grid disruptions and public safety threats to telecommunication failures, the risks associated with low-cost IoT modules are substantial. By adopting stricter procurement guidelines, conducting regular security audits, launching public awareness campaigns and offering incentives for secure IoT development, India can mitigate these risks and ensure the stability and security of its national infrastructure and economic systems. The time to act is now, before the hidden costs of low-cost IoT modules become too great to bear.
Related Articles
Indonesian President Prabowo Visits Beijing and Washington
November 22, 2024