Skip to main content

IOT

IoT is a nightmare for any security expert

IoT has been about attaching billions of devices to the Internet and the disruption that these devices will create for the world of technology and everyday lives. Without security, this disruption could result in tragedy.

There is a funny joke about IoT that has been shared around Twitter over the past few months. I saw it attributed to a guy named Tim Kadlec (@tkadlec). “The S in IoT stands for security." Think about that for a second, as you say, “wait, there is no S in IoT". That is exactly the point of Tim’s statement. IoT is missing security.

IoT devices are 99% of the cases based on Linux, the users don’t know what is running on these devices.

There are so many known vulnerabilities inside IoT devices.

We put these IoT devices inside our secure areas sometimes to monitor people e.g. security cameras or print sensitive information (printers). Don’t be mistaken this is very dangerous and numerous attacks have happened this way. Building security at the perimeter is almost impossible because these devices are good at mimicking default allowed communication and find their way outside that way (e.g. mimicking a user on the network who is just going to a standard website).

IoT is inside TV’s, routers, security cameras, medical devices, printers, ... today sometimes even a fridge.