1. Restricting
Authenticating
Tracking
User Access?
Time Is Not
On Our Side!
1- IoT Medical Device Threats: http://resources.infosecinstitute.com/hcking-implantable-medical-devices/
2- IoT Car Threats: http://www.welivesecurity.com/2015/02/10/senator-car-hacking/ and http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
3 -Cyber Attack on a Steel Mill in Germany: https://securityintelligence.com/german-steel-mill-meltdown-rising-stakes-in-the-internet-of-things/
4 -2014 HP Fortify Internet of Things Research Report: http://www8.hp.com/h20195/V2/GetPDF.aspx/4AA5-4759ENW.pd
12100 Sunrise Valley Dr. Suite 290-1 Reston, VA 20191
The Internet of Things (IoT) is pretty scary. We’re not talking identity theft or
criminals making money from hacking kind of scary - we’re talking about
life-threatening scary.
IoT devices are everywhere, quietly performing critical functions in the medi-
cal, engineering, and industrial fields (to name a few). For example, insulin
pumps disperse life-saving insulin for people suffering from diabetes. Howev-
er, if a criminal breaches one of these devices, it is possible to trigger the
pump to disperse a major dose of insulin, killing the patient(1). Or, criminals
could gain access to your car’s IoT and take control(2) of it while you drive!
A major IoT attack occurred in a German steel mill(3) just last year. According
to reports, the criminals began with social engineering and spear-phishing
tactics, leading to the compromise of industrial control components, which
prevented the industrial blast furnace from shutting down normally. It is
suspected that the attack was conducted by insiders that knew the mill’s
systems quite well, and it caused major damage to the mill’s systems. Fortu-
nately, no one was hurt, but the incident could easily have cost lives.
IoT is here to stay, and in most cases, such technologies are going to change
the way we do business - and our personal lives - for the better. However, the
majority of IoT devices evaluated in a recent HP Fortify research study
displayed vulnerabilities(4) which could be exploited by cybercriminals. The
IoT is the new battlefront between security professionals and cybercriminals,
because of the wealth of easy targets the IoT provides.
This means that security professionals need to be very diligent in protecting
their organization’s IoT devices, and personal devices that can connect to the
organization from employees’ homes, cars, etc. Controls need to be in place
to prevent, detect and respond to threats that could compromise the confi-
dentiality, integrity and availability of IoT devices and applications.
Internet of Things (IoT)
We are vulnerable and it’s scary! Let’s make the IoT safe!
“The IoT is
the new
battlefront....”