Internet of Things: Convenient But Insecure

The Internet of Things (IoT) is a huge new dimension, full of possibility for changing our everyday lives. A lot of IoT devices are already in use, of course.

On the consumer side, we see WiFi enabled juicers, Fitbits, home security systems, and children’s toys, like talking teddy bears. In industry, we see insulin pumps, industrial components, and specialized devices that interact with programable logic controllers in SCADAs.

That’s merely the tip of the iceberg, and I expect IoT use to explode the way home Internet use exploded in the 1990s and early 2000s. It’s a new frontier.

But all that possibility for fun, convenience, and efficiency comes with a significantly expanded cyber attack surface. Cybersecurity problems can take down organizations, open your family up to attack, and, in the case of some medical and other devices, actually kill, and IoT makes that an even greater threat.

One of Cylance’s security researchers wrote an excellent piece on IoT security matters that’s worth a quick read. I want to get back to basics again and share some concerns covering a variety of areas of IoT security. And I could think of no better source for information than people who research IoT every single workday.

I had the honor of speaking with Mike Nelson, a technical Director for McAfee, previously for Intel; Ken Munro, a security writer, speaker, and researcher for Pen Test Partners; and Stuart Peck, head of cybersecurity strategy for ZeroDayLab. All three gentlemen work directly with IoT research, and their views may not necessarily reflect those of their employers.

Our conversations touched consumer devices, industrial and the Industrial Internet of Things (IioT), smart cars, and industry regulation.

That WiFi Toothbrush Only Looks Harmless

The researchers agreed that consumer IoT devices are usually the least secure, as many manufacturers have (Read more...)

This is a Security Bloggers Network syndicated blog post authored by Kim Crawley. Read the original post at: Cylance Blog