Cybercriminals set sights on Internet of Things in 2014
Connected devices are becoming increasingly attractive targets for cybercriminals, and while we saw few such attacks in 2013, the number is likely to surge in the year ahead.
That’s the opinion of a number of security experts, who say that the rapid adoption of networked devices and wearable tech will leave the Internet of Things wide open to a whole host of hackers hell bent on causing mischief.
These days, we’re seeing TVs, toasters and even toilets being hooked up to the web, but this will expose such devices to risks that they’re not yet ready for, warns vulnerability management company Rapid7 in an interview with eWeek.
“This is only set to continue—we’re already seeing network-enabled toasters, kettles, fridges and much more emerging,” Rapid7 stated.
“Unfortunately, researchers have found time and again that security issues abound on embedded devices, and they are typically very poorly patched.”
One of the main problems is that few companies take security seriously when creating their embedded devices, says Rapid7. Companies are more concerned with rushing their products out to market than making them safe against vulnerabilities, and this is exactly the kind of casual attitude that cybercriminals look to exploit.
Phil Packman, general manager for security enablement at British telecoms firm BT made the same warning in a recent blog post, warning that engineering teams don’t collaborate closely enough either with their colleagues or with their customers. This lack of communication can leave products wide open to vulnerabilities.
“It is often hard for the engineer to ‘connect’ in the course of his day job, and an external attack can seem quite unlikely,” Packman writes. “On the other hand, clients who rely extensively on automated control systems with remote monitoring can easily see how this risk is very real for them, carrying with it consequences that don’t bear thinking about.”
So far we’ve been lucky – 2013 saw very few attacks on Internet of Things devices, but there was a worrying increase in the number of attacks at the end of the year. One of the most notable of these was spotted by security firm Symantec last November, when it stumbled across a worm known as “Linux.Darlloz” targeted at Linux systems. The company noted that there was also evidence that the creators of Linux.Darlloz had designed variants capable of infiltrating the kinds of chipsets typically found in security cameras, set-top boxes and home routers.
If that doesn’t sound bad enough, things could get worse, much, much worse. One security company has even go so far as to predict that we could soon witness the first murder committed by the Internet of Things.
“With nearly every device, from healthcare to transportation, being controlled or communicated with in some way via the Internet, IID predicts that criminals will leverage this to carry out murders,” writes Internet Identity in its security predictions for 2014.
“Examples include a pacemaker that can be tuned remotely, an Internet-connected car that can have its control systems altered, or an IV drip that can be shut off with a click of a mouse.”
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU