The most effective point at which IoT security should be addressed is reportedly an operating system on which the same codebase and practices as the standard enterprise security measures can be applied, a new study has claimed.
In September 2016, the world witnessed its largest ever IoT security botnet attack through Mirai, a string of malicious code which, through the co-opting of vulnerable devices, brought down a swathe of internet service providers (ISPs) and online services affecting businesses and consumers alike.
The root cause was traced to devices using factory set default usernames and passwords.
According to a study conducted by Canonical, it doesn’t take a great deal of imagination to see the potential outcomes of such attacks.
More recently, the WannaCry ransomware worm was responsible for a number of high profile exploits of outdated, unpatched Windows XP desktop systems – including several used by the NHS – resulting in a number of high profile ransomware demands.
So, how long before IoT security is exploited in similar ways?
- In 2016, more than 23,000 news stories were published concerning the threat of IoT security
- One in five (21%) of IoT professionals surveyed by Canonical believe IoT security issues have been overly ‘hyped up’ by the media
- However, 79% disagree, believing that the media has either portrayed an ‘accurate’ picture of IoT security issues, or that they had actually been underplayed, and would be ‘much worse than they think’
The “genie is out of the bottle” as far as IoT security is concerned. As hackers get ever more interested by poorly protected IoT devices, it seems likely we’ll see more such attacks take place, with malicious agents utilising swarms of IoT devices to compromise commercial entities.
For Full Story, Please click here.