Unlike traditional web apps, IoT software is deployed on thousands and even millions of devices and are always on, so vulnerabilities are magnified over a much wider attack surface.
A lot of IoT devices are embedded within equipment that lasts a long time—even decades (automobiles, subsea devices, HVAC systems, and so on). It’s often hard to deploy patches on or upgrade the software contained in these devices as frequently. The likelihood of vulnerabilities persisting in these devices for months to even decades is extremely high.
Open source operating systems
The large majority of IoT devices run on open source operating systems and on off-the-shelf hardware and networks. The inherent vulnerabilities baked into open source software makes them even more susceptible to attacks.
The 5G network effect
5G is expected to usher in the IoT era to an even greater extent. With its high bandwidth and speed, it will connect everything and remain always on. This increases the likelihood of an attack, and a public network is always more susceptible to an attack.