Communications of the ACM
Tackling Enterprise Threats From the Internet of Things
Security experts warn of the poor security associated with the Internet of Things, which they say poses a dire threat.
Credit: Shutterstock
Security experts warn that a dire threat is posed by the poor security of the Internet of Things, which includes a growing number of Web-linked embedded systems, network devices, instrumentation systems, and machine-to-machine communications devices.
Earlier this year, Rapid7's HD Moore released a report that said more than 300 million network devices with known configuration or security flaws that were accessible online. Aspect Security CEO Jeff Williams says the profusion of insecure Internet-connected devices and systems creates opportunities for attackers to cause harm by "causing fires, overloading networks, turning off refrigeration, opening locks, blocking communications, starting alarms, suppressing alarms, cutting power, releasing chemicals, stopping cars, [and] hiding the remote."
SecureState researcher Spencer McIntyre says the most vulnerable devices and systems are those just large enough to be running a full Linux stack or embedded Windows. NSFOCUS' Vann Abernethy says embedded devices need to be brought into IT security-monitoring schemes, while others say a solution will have to take the form of a change in the way access systems identify devices. Ping Identity's Patrick Harding says the first step toward such a change will be the articulation of common addressing models and protocols that will be able to do for device identification what IP and HTTP did for the Internet.
From Dark Reading
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found