mardi 4 février 2014

The Internet of Things: Top five threats to IoT devices

A lire sur:

Though having so many devices interconnected can be convenient, it also comes a bevy of new threats. Where do we need to be cautious?

By David Geer

January 09, 2014 — CSO — The Internet of Things (IoT) is a mass of billions of connected devices from cars to wireless wearable products. Cisco's Internet Business Solutions Group estimated 12.5 billion connected devices in existence globally as of 2010 with that number doubling to 25 billion by 2015.

[What the Internet of Things means for security]

In light of this burgeoning market, CSO identifies five categories of IoT devices at risk in the coming year. CSOs who are aware of the threats and potential damage to their organizations can prepare accordingly.
In-Car WiFi
Once tallied, 2013 connected car revenues should reach $21.7 billion, according to analysts from Visiongain, LTD, with 2014 revenues climbing even further. As of the New Year, Ford and GM will increasingly offer in-car WiFi, turning cars into mobile hotspots and connecting passengers' smartphones, tablets and other devices to the Internet, according to John Pescatore, Director of Emerging Trends, the SANS Institute.
But, in-car WiFi has the same security vulnerabilities as traditional WiFi hotspots. Without the firewalls present in conjunction with small business WiFi installations, in-car devices and data will be at risk. Once inside the network, an attacker can spoof (pose as) the car, connect to outside data sources such as OnStar servers and collect the owner's PII such as credit card data, explains Pescatore. That is just one example. Only the imagination can limit the kinds of attacks that become possible when a hacker owns in-car Wi-Fi, passengers' devices and the car's identity (via spoofing).
"CISOs and CSOs at organizations with people who travel the country should be worried about these vulnerabilities since hackers can use these attacks to access company information," says Jerry Irvine, CIO, Prescient Solutions.
mHealth Applications / Mobile Medical Devices
"The market for wearable wireless devices across sports, fitness and mHealth will grow from 42 million devices in 2013 to 171 million in 2018," says Jonathan Collins, Lead Analyst, ABI Research. As of 2014, hackers will increasingly attack mobile medical devices running Windows, including pacemakers, according to Rodney Joffe, Senior Technologist, Neustar. Traditional manufacturers use proprietary embedded systems that are hard to hack due to their closed source code and restrictions. But, non-traditional device manufacturers often use a form of Windows.

[Smart devices get smarter, but still lack security]

"Windows is very popular for those devices because it is cheap, ubiquitous and well-known among programmers," explains Joffe. But, unlike Windows on a desktop computer, there is no patching mechanism for Windows on these devices, according to Joffe. The more these devices connect to the Internet through wireless frequencies such as WiFi, the more viruses will spread among them.

Aucun commentaire:

Enregistrer un commentaire