Skip to main content

Analyzing Insider Risk Threat to the Internet of Things (IoT)

by Justin R Kinney
Publication Type
Conference Paper
Book Title
INMM Annual Meeting Proceedings
Publication Date
Publisher Location
United States of America
Conference Name
INMM & ESARDA Joint Annual Meeting
Conference Location
Vienna, Austria
Conference Sponsor
Institute of Nuclear Materials Management & European Safeguards Research and Development Association
Conference Date

Recent technological advancement has created a growing convergence of innovation. From machine learning to ubiquitous computing to wireless networks and automation, the world is seeing new technology increasingly capable of connecting with each other. Devices and systems use open communications networks to interact, process information, and react. This is called the Internet of Things (IoT) and is comprised of physical devices that exchange data over networks, creating revolutionary possibilities. The most common way most people interact with an IoT is through ‘smart home’ products like Amazon’s Alexa, which use microphones, speakers, and phones to control a variety of devices, from lights and thermostats, to cameras, to appliances and vacuum cleaners. But the open nature of IoT networks—necessary for their ability to communicate and operate—also introduces privacy and security concerns. At a personal level, this might mean a hack into a home to steal private information, but when applied in broader industries like healthcare, transportation, manufacturing, or the military, this vulnerability can have serious consequences. As IoT usage and interconnectivity increases, so too does the susceptibility to malicious actors. And the entire system is only as secure as its least secure member. This creates particular risk and vulnerability to radiological material industries, as a competent insider adversary could utilize the IoT to potentially steal or access classified or sensitive information about employees, sites, or systems; or simply sabotage security or maintenance from a more remote—and less secure—device. The IoT relies on a secure network across the entire system, especially in transport which may lack the security of more permanent locations; if one device fails, it can create a ripple effect and an insider threat may seek to exploit that connectivity. While IoT benefits drive increased innovation and usage, there are also vulnerabilities an insider threat could exploit; this risk of an IoT to radiological material must be addressed in any mitigation effort.