Top Ad unit 728 × 90

Lastes News


IoT Cyber security THE challenge for 2017

Cyber security is finally gaining the attention it so desperately deserves, as people everywhere are starting to realize the importance of these systems and how they pervade our lives. But It's not just the electronic voting booth hacks that should have us worried, as technology creeps into everyday life. The Internet of Things, an initiative bent on embedding computing and networking functionality into pretty much everything (giving rise to a new moniker: IoE), is just as, if not more at risk from hackers.

IoT/IoE encompasses anything with connected technology
Printers, Smart lighting, smart thermostats, Driver-less cars, smart factories, smart grids, and so forth. Some medical implants also harness low-range wireless communications, and vulnerabilities have been found in a few pacemakers. The increasingly critical nature of these technologies, and constant breaches show that cyber security hasn’t evolved at the same pace as the other aspects itself.

Printers the greatest example of lacking IoT Security
One of the oldest devices connected to the the internet still remains one of the most vulnerable. White hat hackers (basically well-intentioned offensive security freelancers) have demonstrated just how many vulnerable, ill-configured or worse yet - default password using printers are connected to the internet.
We're talking about technology that has been around for decades, and proper cyber security has yet to reach all of these devices. Something has to change as the damage caused by a smart thermostat or medical implant can be a lot more catastrophic than expensive printer ink.

Software Companies taking the initiative
Canonical, a company well known for their popular Server and desktop linux distribution, Ubuntu, has decided to expand its ecosystem into the IoT. Marketed as Ubuntu core, this stripped down linux-based operating system implements many security-by-design features along with a robust updating system. They aren’t the only ones launching security-conscious  IoT platforms and many other vendors are starting to take interest in the area.

Political unrest may be a key driver
With the well-known vulnerabilities in electronic voting systems, the more than controversial results and constant remarks by president trump on “election rigging”, cyber security has taken a forefront in today’s media. Boosted by the Russian hacking scandals and possible connections to ongoing events, people are realizing that current-gen cyber security is inadequate.

Considering social engineering is the largest vector for malware and on of the most effective ways into hardened networks, this mindset will go a long ways into perpetrating a culture of privacy, encryption and overall security.

Transparency the way forward
Technology with closed-source firmware/hardware has always suffered from eventual vendor abandonment, and this often leads to expensive vulnerable systems that cannot be upgraded. Much in the same way that CSP’s decided to adopt an open hardware/software model with SDN/NFV, embedded technology vendors must make their systems as open and transparent as possible so the can be easily audited, monitored and maintained.  

Take for example the incident with the thousands of Chinese DVR’s with vulnerable firmware. Instead of pushing a simple firmware update, they had to replace the thousands of devices. Given the ever-evolving nature of malware, hackers and software exploits, in this day and age a system that cannot be updated should be considered as a massive security liability.

Final Thoughts

Due to the often cheap nature of IoT devices, I see open and collaborative platforms - like Ubuntu core - as a great way to create secure, easily up-gradable devices while keeping costs to minimum. In the industrial sector (healthcare, manufacturing, transport) companies have a lot more to work with, and as industry 4.0 takes of security will be implemented in those next-generation systems from the ground-up.

IoT Cyber security THE challenge for 2017 Reviewed by James Piedra on 10:43 AM Rating: 5

No comments:

All Rights Reserved by Lanner - Next-Generation Networks and Cyber Security © 2014 - 2015

Contact Form


Email *

Message *

Theme images by sebastian-julian. Powered by Blogger.