Comments
Internet Of Things Opens Doors to Attack
Newest First  |  Oldest First  |  Threaded View
jgherbert
50%
50%
jgherbert,
User Rank: Ninja
11/19/2013 | 11:36:52 AM
Re: M2M
"WHen new stuff gets connected to the internet, it doesn't occur to people to secure it and the hackers are home free."

There's an interesting implication when you start connecting things with IPv6 and those devices have actual, unique, persistent IP addresses rather than masquerading behing an ever-changing TCP port with IPv4 NAT translations. That said, if you don't know the IP, it's a lot of IP addresses to scan, and most domestic routers supporting IPv6 have a stateful firewall, so perhaps it's not such a big deal. That's perhaps the one saving grace - most people outside the industry are going to be deploying in a home environment where their Internet connectivity sits behind a firewall. Of course if their WiFi is wide open, then it's all over... ;-)
jgherbert
50%
50%
jgherbert,
User Rank: Ninja
11/19/2013 | 11:28:48 AM
Re: Military Intelligence
An air gap between SIPRNET and the Internet is perhaps one way to maintain security at a higher level than the average website. Unless of course, the story about BadBIOS is true, in which case we're in deep trouble ;-) Well, that and I have never forgotten watching a USB flash drive go between the unclassified and classified networks at one defense site and thinking "you may as well just join the networks then." But that's another issue. 

My point was that if you have a secure, isolated network that is not connected to the Internet and connect your military things to it, it's a darned sight harder to attack than if you connect your IoE devices to an Internet-connected, unclassified network.

The fact that there are hackers out there who can hack things, I kind of took as a given.
HaileyMcK
50%
50%
HaileyMcK,
User Rank: Apprentice
11/19/2013 | 10:11:26 AM
M2M
This connection of more things to the Internet does broaden the potential attack space--and we do need to be thinking about it. I think ignorance and not thinking about it is the most dangerous thing. WHen new stuff gets connected to the internet, it doesn't occur to people to secure it and the hackers are home free. For example, just last year i saw figures that less than 7 percent of mobile phone have malware protection on them, Few people password protect thier phone, and people load software on their devices willy nilly, all without a thought to security. Now, we have to get people to figure out how to protect their credit card numbers used by the fridge to order fresh milk. THis is going to be a BIG challenge.
bneudiryuiert
50%
50%
bneudiryuiert,
User Rank: Apprentice
11/19/2013 | 2:26:28 AM
Re: Military Intelligence
Even if there is a toughest security in any kind of website irrespective of whether its a social or other there are Genuine hacker in this world who can easily find out the bugs and hack the entire website.

view publisher site
jgherbert
50%
50%
jgherbert,
User Rank: Ninja
11/17/2013 | 5:04:57 PM
Military Intelligence
Mention of the military does raise the question of whether they are really putting IP addresses on missiles and tanks that are available through the public Internet, or whether just via SIPRNET or similar. You would hope, at least, that there is some common sense about isolation of certain devices, and their interface to the rest of the network, let alone the public Internet.
ChrisMurphy
50%
50%
ChrisMurphy,
User Rank: Author
11/15/2013 | 4:30:37 PM
Re: Internet of Things and security
I don't see Internet of Things as overhyped. What's changing is improved connectivity and ability to affordably make sense of the huge quantities of data machine-to-machine links create. Doing this monitor-and-analyze well will differentiate industrial winners from losers. What that means for security? As the ROI and competitive advantage from IoT initiatives rise, the pressure will be intense to find ways to do this securely.
kjhiggins
50%
50%
kjhiggins,
User Rank: Strategist
11/15/2013 | 3:51:58 PM
Internet of Things and security
The good news is that white-hat security researchers are scanning the Net for these exposed devices. Take HD Moore and Rapid7's Project Sonar and the SCADA-related Project SHINE. The bad news is that even with all of the awareness these and other projects are raising, many of the issues won't be fixed. Meanwhile, the bad guys also are scanning away.


The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.