Nigel Stanley, TÜV Rheinland: Exploring differences in IT and OT to get cybersecurity right in industrial systems

Towards the end of 2017, researchers from cybersecurity firm Dragos detected a foiled malware attack which, even though it wasn’t successful, had serious repercussions for anyone working in industrial environments.

The malware, known predominantly as Triton but also going under the monikers of Trisis or HatMan, targeted petrochemical plants in the Middle East. What marked it out from other attacks was that it focused on...

By James Bourne, 19 February 2019, 0 comments. Categories: Enterprise, IIoT, Security, Standards.

Study reveals laxness among automakers in terms of cybersecurity

An independent study conducted by Ponemon Institute found that 30% of the automotive companies do not have their own cybersecurity programme or a team. It also found that these companies do not even hire external organisations to secure the software used in their products.

Moreover, the survey shows that around 63% of all automotive firms are heedless when it comes to testing vulnerabilities. Less than half of software, hardware, and other technologies they develop remain untested.  

Commissioned by...

By IoT News, 07 February 2019, 1 comment. Categories: Connected Cars, Security.

Extreme Networks launches Defender for IoT with aim to secure edge devices

Extreme Networks, a California-based network equipment supplier, has launched Defender for IoT, which aims to help organisations secure edge and IoT devices.

Defender for IoT, which is part of the company’s Smart OmniEdge solution, can be deployed on any network by anyone, which means no technical expertise is required at all. It is so easy that even a non-technical staff at schools, hospitals, retailers, and hospitality...

By IoT News, 05 February 2019, 0 comments. Categories: Data & Analytics, IoT, Security, Standards.

Report: Half of IoT device apps leave users vulnerable

A paper distributed on ArXiv last week analysed the concerning lack of security when it comes to IoT device apps.

The security issues plaguing IoT devices themselves are well-documented. Security often seems to be an afterthought in the rush to market.

While there’s been a recent explosion in connected devices, app development has been around much longer. The mature development industry has created best practices to help ensure security, but it seems the note hasn’t reached IoT device app...

By Ryan Daws, 04 February 2019, 0 comments. Categories: Development, IoT, Security, Smart Cities, Smart Homes.

Oracle launches Java Card 3.1 to boost security for IoT devices at the edge

Oracle has launched the latest version of Java Card, its open application platform that secures some of the world’s most sensitive devices.

The Java Card 3.1 is an extensive update that aims to offer more flexibility in order to meet the special hardware and security requirements of both existing secure chips and emerging IoT technologies. The Java Card 3.1 has features that addresses use cases across markets ranging from...

By IoT News, 18 January 2019, 0 comments. Categories: Development, Enterprise, IoT, Security.

IoT security market set to grow over 25 percent annually

A report predicts a growth rate of over 25 percent annually in the North American IoT security market.

The market was valued at $1.7 billion in 2018 and is expected to reach $5.2 billion by 2023 at a compound annual growth rate (CAGR) of 25.1 percent, according to the report ‘Internet of Things (IoT) Security: North American Markets to 2023’.

BCC Research notes this growth is being driven by demand for cloud-based enterprise applications, growth in digitalisation and IoT security spending, and the...

By Ryan Daws, 16 January 2019, 0 comments. Categories: IoT, Security.

Less than half of businesses are able to detect IoT device breaches

A study conducted by Dutch software firm Gemalto reveals that only 48% of the businesses in the world are able to detect if any of their IoT devices suffers a breach.

The survey, which was conducted among 950 IT and business decision makers across the globe, found that organisations are urging governments to get involved to solve this problem, with 79% are calling for vigorous guidelines on IoT security, and 59% are looking...

By IoT News, 15 January 2019, 0 comments. Categories: Data & Analytics, Enterprise, IoT, Security.

Karamba Security: Vehicles face 300,000 attacks per month

The scale of cyberattacks on connected cars has been revealed by Karamba Security, and it makes for a rather concerning read.

Karamba set-up automotive electronic control units (ECUs) through which it’s been attracting internet attacks. In the last three months, the ECUs have been subjected to as many as 300,000 attacks per month.

Over 11 different attack types were attempted on the ECUs, including against:

  • Telnet (similar to a white hat attack on a VW Golf in April last year)

  • SSH

  • HTTP

The company’s ThreatHive solution aims to find these vulnerabilities through using such ‘honeypots’...

By Ryan Daws, 14 January 2019, 0 comments. Categories: Connected Cars, IoT, Security, Smart Cities.

Cybeats raises $3 million for greater lifecycle management with IoT devices

Canada-based computer security provider Cybeats is expanding its team in Toronto and abroad by raising $3 million in a recently conducted funding round led by early-stage venture capital fund Ripple Ventures. Real-estate technology venture capital fund GreenSoil Building Innovation Fund was the investor, while MaRS IAF, MLA48, ScaleX and Inovia Capital were the other participants in this fundraiser event.

Cybeats uses internal...

By IoT News, 07 January 2019, 0 comments. Categories: Enterprise, IIoT, IoT, Security.

McAfee and Verizon partner to secure home IoT devices

Verizon has partnered with cybersecurity experts McAfee to secure IoT devices around the home against increasing threats.

McAfee’s solution will be provided through Verizon’s Home Network Protection (HNP) to protect devices connected to the home network. New devices will be identified while unauthorised access will be blocked.

Any device acting suspiciously will have its internet access temporarily stopped. Halting network access prevents further infection while stopping the device being hijacked...

By Ryan Daws, 07 January 2019, 0 comments. Categories: IoT, Security, Smart Homes.

The best of IoT News in 2018 – and what the experts think will happen for IoT in 2019

2018 has been another important year in the development of the Internet of Things – and if there’s one thing you can be sure of, 2019 will be even bigger. According to IDC’s most recent spending tracker, global IoT spending will hit almost $750 billion in the coming year, led by the manufacturing industry.

Here, IoT...

By James Bourne, 04 January 2019, 0 comments. Categories: AI, Connected Cars, Enterprise, IIoT, IoT, Security, Smart Cities.

McAfee: IoT malware increasing alongside 480 threats per minute

Shocking research from McAfee Labs highlights the increasing prevalence of IoT malware as the cybersecurity firm detects 480 new threats per minute.

Years of putting functionality before security and rushing to market have led to many compromisable devices.

The Mirai IoT botnet attack in 2016 was a wake-up call with around 70 popular services taken offline after DNS provider Dyn was flooded with malicious traffic....

By Ryan Daws, 20 December 2018, 0 comments. Categories: IoT, Security.

‘White Hat’ hacker speaks to man through his IoT camera

A so-called ‘white hat’ hacker spoke to a man through his Nest camera to warn him of the dangers IoT devices can possess.

The man, Andy Gregg – an estate agent in Arizona – was in his garden when he first heard the voice who claimed to be from Canada.

In order to alleviate what could be a terrifying situation, the hacker quickly made clear there was no malicious intent.

Gregg recorded the conversation in which the hacker can be heard saying:

“We don’t...

By Ryan Daws, 18 December 2018, 0 comments. Categories: IoT, Security, Smart Homes.

End-to-end, lifecycle cyber protection for industrial systems: A guide

SCADA networks in any factory or critical infrastructure application require protection against increasingly sophisticated and well-funded cyber threats. As emerging security standards such as IEC 62443 help marshal the industry’s response, effective protection calls for an end-to-end, lifecycle approach to device security, extending from the underlying hardware to top-level applications and back into the supply chain.

Introduction:...

By Wesley Skeffington, 14 December 2018, 0 comments. Categories: Enterprise, IIoT, IoT, Security.

The NHS is seriously deficient in cybersecurity expertise

A report from Redscan has found the NHS desperately needs more in-house cybersecurity expertise to protect against increasing attacks.

Potential ways to compromise the NHS systems are increasing as systems become connected for things such as remote health monitoring, accessing records, and even surgery.

The vulnerability of the NHS was highlighted last year when a ransomware spread to critical systems and held them hostage. At least 6,900 NHS appointments were cancelled as a result of the attack.

On average,...

By Ryan Daws, 11 December 2018, 0 comments. Categories: Healthcare, IoT, Security.

Significant lack in awareness of IoT security among IT leaders, study finds

A survey conducted by IT security firm Trend Micro has revealed that 86% of IT and security decision makers around the world believe their organisations need to enhance their awareness of IoT threats.

This is due to significant lack of knowledge which accompanies rising threat levels and security challenges related to connected devices that place organisations in a compromising position, the report added.

By IoT News, 21 November 2018, 0 comments. Categories: IoT, Security.

Mozilla assesses the security of this season’s IoT gifts

Mozilla has released the 2018 edition of its 'Privacy Not Included' guide which assesses the security of IoT gifts this festive season.

The guide breaks down whether each device is safe and can be trusted, especially when it comes to gifts designed for children.

We’ve already seen things such as connected teddy bears being hacked. Mozilla is warning people to steer clear of the Fredi Baby Monitor citing its lack of encryption, use of the default password ‘123’, no privacy policy, and...

By Ryan Daws, 15 November 2018, 0 comments. Categories: IoT, Security, Smart Homes.

Opinion: How IoT device manufacturers should take security to the edge

We’ve come a long way from the mainframe computing environments of the '50s, and you don’t hear much complaining about it. Renting computing power back in the day required you to physically go to the mainframe — an impractical situation at best.

With the advent of distributed computing going mainstream in the '90s, people all over the world could use networked computers to take advantage of the power of many. Today, Amazon Web Services, Google Cloud, Microsoft, and others are now the...

By Brad Thies, 12 November 2018, 0 comments. Categories: IoT, Security.

Crypto Quantique claims launch of first quantum-driven secure chip on silicon to strengthen IoT security

UK-based Crypto Quantique has announced the launch of what is being claimed as the world’s most advanced security product for IoT devices – with a quantum edge.

The technology behind this solution includes world's first quantum driven secure chip (QDSC) on silicon which, when combined with cryptographic APIs, provides highly scalable, easy-to-implement and seamless end-to-end security for any connected device.

By IoT News, 18 October 2018, 0 comments. Categories: IoT, Security.

UK government launches IoT security code of practice – HP and Centrica Hive sign up

The race to standardisation in the Internet of Things (IoT), particularly when it comes to security, is a long and knotted one. Getting security baked in at the design stage is increasingly important – and it is with that goal in mind that the UK government has announced a Code of Practice around consumer IoT.

HP and Centrica Hive are the first two companies to have signed up to the agreement to help manufacturers bolster...

By James Bourne, 16 October 2018, 0 comments. Categories: Data & Analytics, IoT, Security, Standards.