SESIP embraced as European IoT security evaluation standard

GlobalPlatform’s Security Evaluation Standard for IoT Platforms (SESIP) has been embraced as the foundation for a European Standard (EN). 

This milestone decision aims to streamline the IoT ecosystem’s approach to regulatory challenges and facilitate a comprehensive understanding, deployment, and explanation of security measures.

“This is all about raising the bar for IoT security,” commented Eve Atallah, the chair of GlobalPlatform’s SESIP sub-task...

30 October 2023 | IoT

Asimily report highlights threats to connected healthcare devices

Asimily has released a report delving into the intricate challenges faced by healthcare delivery organisations (HDOs) when it comes to safeguarding their Internet of Medical Things (IoMT) devices from cyber threats.

HDOs are grappling with a myriad of issues, chiefly the fact that their dependency on connected devices is paramount to patient outcomes and the quality of care. In a field where even minor service interruptions can have life-altering consequences, the stakes are...

23 August 2023 | Healthcare

Anker admits Eufy cams weren’t encrypted

Anker has finally acknowledged that its Eufy smart cameras weren’t end-to-end encrypted.

In November, security researcher Paul Moore highlighted that Eufy cameras were uploading data even when cloud upload settings were disabled. However, an even more concerning finding was that camera streams could be watched live through external video players.

Anker promoted local storage and end-to-end encryption as core features of its security cameras. Several publications have...

1 February 2023 | Applications

Arlo criticised for new end-of-life policy

Netgear spinoff Arlo has been criticised for pulling support for several of its connected security cameras over a relatively short period.

In a new EOL policy, Arlo announced that it may end support for any camera that hasn’t been manufactured for four years old.

Arlo manufactures popular security cameras. Purchasers typically buy a security camera, set it up, and forget about it until it breaks. Every tech product reaches end-of-life (EOL) eventually but you expect...

3 January 2023 | Applications

UK, Canada, and Singapore join forces to secure IoT devices

The UK, Canada, and Singapore are joining forces to improve the security of IoT devices.

In a joint statement, the governments of the respective countries noted the economic and social benefits of IoT devices. However, they also warned of the risks of insecure IoT devices not just to consumers’ own security, privacy, and safety, but also to the broader economy through large-scale cyberattacks.

Many record-breaking cyberattacks have taken advantage of the often poor...

10 November 2022 | Consumer IoT & Wearables

Japanese firms team up to protect connected cars

NTT Communications and DENSO are joining forces to respond “to the threat of increasingly sophisticated cyber-attacks against vehicles.”

The companies are developing the Security Operation Center for Vehicles (VSOC).

Hackers target connected cars for numerous reasons, including location tracking, data gathering, and causing physical harm.

NTT brings to the partnership its vast knowledge and solutions in fields such as networking and cloud computing....

18 October 2022 | Connected Vehicles

Natali Tshuva, Sternum: On ‘future-proof’ IoT security

Sternum is using patented technology to protect IoT devices against even unknown vulnerabilities in real-time.

The company was co-founded by Natali Tshuva, who was recognised for her talents from an early age and was handpicked at 19 to serve in the Israeli Defense Forces’ 8200 unit (the equivalent of the MI6 in the UK or the NSA in the US.) She then went on to hold numerous high-level cybersecurity roles before founding Sternum.

IoT News caught up with Natali to...

8 September 2022 | Enterprise

Verizon: IoT/mobile cyberattacks leading to downtime increase 22%

Verizon’s latest Mobile Security Index (MSI) highlights continuing growth in IoT/mobile cyberattacks leading to downtime.

According to the research, cyberattacks in the last year involving a mobile/IoT device – that resulted in data or system downtime – increased 22 percent year-on-year.

23 percent of surveyed enterprises had suffered a compromise. Of those, 74 percent said the impact was “major” and over a third (34%) said that it had lasting...

3 August 2022 | Enterprise

Fronton botnet can launch trending disinformation campaigns

A Russian IoT botnet known as Fronton can use inauthentic coordinated behaviour to launch disinformation trends on social media.

“Trends” on social media platforms are how many people keep updated with what’s going on in the world. There’s growing awareness of not believing everything that’s posted under a trend – especially around developing events like terror attacks – but there’s often an acceptance that it’s trending because enough real people are posting...

23 May 2022 | IoT

Mirai variant ‘Beastmode’ exploits fresh vulnerabilities

A variant of the Mirai botnet called Beastmode has been observed exploiting recently-discovered vulnerabilities.

The Mirai botnet is composed primarily of IoT and embedded devices. In 2016, Mirai made national headlines when it used exploited connected devices to overwhelm several high-profile targets with record-setting Distributed Denial-of-Service (DDoS) attacks.

Mirai’s original creator was arrested in the fall of 2018 but variants have continued to emerge which...

4 April 2022 | IoT