In Part One of this Cybersecurity for IoT Blog Series, I noted that we should assume that everything will someday be connected—even those “things” designed without any networking capability. However, we should also be deliberate when deciding what to attach and what to isolate. When a link is established, we should know not only that a connection has been created, but also why, what risks will result, and how those risks will be managed. If connections must be made with care—or in some cases not at all—then why should we assume “things that can be connected will be connected?” It might initially appear that my proposed first and second laws of IoT contradict one another. I would argue against this conclusion.
To help companies mitigate risks associated with an increasingly connected world, ICSA Labs, an independent division of Verizon, is rolling out a new security testing program to provide assurance testing for Internet of Things (IoT) devices and sensors. The program is believed to be among the first-of-its-kind.ICSA Labs will test six components as part of the new IoT Security Testing and Certification Program including: alert/logging, cryptography, authentication, communications, physical security, and platform security. The ICSA Labs Product Assurance Report found the majority of security devices fail to perform as intended.
Oh great. The world’s internet security professionals are increasingly worried about what they are calling the Internet of Evil Things.These concerns stem from the risks posed by connected Internet of Things (IoT) devices — a problem which is set to grow, even as resources and visibility into such connected devices have stagnated, according to a new survey.
Construction is a business that carries inherent risks, especially when your teams are working in one of the most remote regions of the world. Operating in the Australian outback, where heatstroke can injure or even kill workers in hours with little warning, engineering firm Laing O’Rourke uses the power of the Internet of Things (IoT) to keep its workers safe.
Connected devices like smart thermostats, smart washing machines, smart locks, smart fridges, and etc. are all great ideas. The idea of being able to remotely turn them on, set them on a schedule, adjust themselves based on your needs, and so on are huge conveniences, but they also seem to be potential security risks.Recently it has been discovered by the folks at Pen Test Partners (via Techdirt) that a smart kettle made by a company called Smarter is susceptible to hacks.
The Internet of Things is expected to be the next big thing in the technology space, as everyday products ranging from home appliances to industrial equipment are increasingly being connected to the Internet. Samsung is betting big on the trend, announcing earlier this year that it would be equipping as much as 90% of its devices with IoT capabilities by 2017. While this should bring some incremental upside to Samsung’s consumer electronics unit in the form of product differentiation, the company’s lower-profile semiconductor unit is actually more likely to see a substantial upside from the growing trend of connected devices. In this note, we size up the IoT market for semiconductors and look at some of the opportunities and risks for Samsung.
Last week both the FBI and the Department of Homeland Security warned of risks associated with the emerging Internet of Things. The term IoT often refers to devices that are readable, recognizable, locatable, and controllable via the Internet. Gartner estimates there will be around 26 billion networked devices on the Internet of Things by 2020. Certainly, there are many risks inherent with so many objects connected to networks, but there are also many smart technologies that can enhance security and DHS’s mission to protect the nation.
When the Federal Bureau of Investigation issues an alert to healthcare organizations and others warning of the serious cyber risks the Internet of Things presents, it’s probably best to pay attention.For healthcare security folks, this means paying closer attention to the myriad IoT devices within their organizations. And they’re not necessarily all the devices you might think of. They also include things such as HVAC remotes, Wi-Fi camera, insulin dispensers, thermostats and any type of wearable and other medical devices. These devices, FBI officials said, are notorious for having serious security deficiencies. This, combined with patching vulnerabilities, make these IoT devices an attractive target for cybercriminals.
Critical security flaws have been uncovered in ZigBee, the popular short-range wireless communication standard used by Internet of Things (IoT) devices.Speaking at Black Hat 2015 in Las Vegas, Cognosec researchers outlined the main security risks in ZigBee implementations, the devices affected and provided practical exploitations of actual product vulnerabilities.
We reported last week that a number of Fiat Chrysler vehicles were being recalled due to the potential for them to be hacked.Experts at IoT security specialist INSIDE Secure have been looking at the risks and how vehicles can be made more secure in future.