Welcome to WebmasterWorld Guest from 18.204.48.199

Forum Moderators: open

IoT Could be the Achillies Heel

     
4:16 pm on Aug 6, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26458
votes: 1076


Microsoft has published an interesting piece about Internet of Things being a weakness, having discovered various attacks.
Clearly, more has to be done on the security of the many millions of IoTs connected to a network so that this problem does not continue to get worse. Whether it'll actually get better or not is a different matter.
Today we are sharing this information to raise awareness of these risks across the industry and calling for better enterprise integration of IoT devices, particularly the ability to monitor IoT device telemetry within enterprise networks. Today, the number of deployed IoT devices outnumber the population of personal computers and mobile phones, combined. With each networked IoT device having its own separate network stack, it’s quite easy to see the need for better enterprise management, especially in today’s “bring your own device” world.

[msrc-blog.microsoft.com...]

This is well worth reading from many aspects, whether you are a webmaster, an IT manager, or have people in your house using your network.
IoT security should concern everyone.
4:31 pm on Aug 6, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10569
votes: 1124


the level of security for these devices is appalling. I won't have them in my house ... even going so far as to avoid new products that have such to purchase out of date, scratch and dent, floor models, or even used (think tv, refrigerator, etc).
4:58 pm on Aug 6, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts: 3022
votes: 214


We have already had IoT widely used for DDOS. There are a huge number of other attacks possible. Can you imagine the damage that would be caused if smart meters were used to widely shut down electricity supplies, for example?

The FBI has publicly attributed this activity to a nation-state actor


Which means they are not just doing this for fun and they have the resources to improve on it.
5:03 pm on Aug 6, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26458
votes: 1076


Can you imagine the damage that would be caused if smart meters were used to widely shut down electricity supplies, for example?

Aren't smart meters using phone networks, not internet?
5:26 pm on Aug 6, 2019 (gmt 0)

Preferred Member from CA 

Top Contributors Of The Month

joined:Feb 7, 2017
posts:579
votes: 60


I won't have any of these devices in my house. China has a big IoT push, as part of their tech plan.

"Aren't smart meters using phone networks, not internet?" Not here in Toronto. They are all wireless, through the web.
5:52 pm on Aug 6, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts: 3022
votes: 214


Thanks, I checked and first generation in the UK used mobile networks and seem to be just mobile data connections so they are very vulnerable.

The second generation use a purpose built network which is a huge improvement but if you are taking about a nation state attacker is it enough? [ncsc.gov.uk...]