Security of Internet of Things in Spotlight at RSA Conference

Wednesday, April 22, 2015

Brian Prince

0ead717779244d9aab5c1699308850d2

RSA Conference 2015 -- The security challenges posed by the growth of the Internet of Things (IoT) are far from hypothetical - a point being hammered home here at the RSA Conference in San Francisco.

How to secure the ever-growing Internet of Things is the subject of multiple talks at the conference. Daniel Miessler, practice principal at Hewlett-Packard, is among those presenters. According to Miessler, the biggest problem is not a particular vulnerability. Instead, it's that all the security problems of the last 20 years are being repeated and now combined in IoT, he said.

"We've had network security, application security, mobile security, and cloud security leading up to IoT, and unfortunately we tend to start over when we move into new spaces," he told SecurityWeek in an interview. "With IoT it's much worse because IoT products have every one of these components, but they're being assembled not by the experts but by those who are new to those areas. This presents the greatest amount of risk from IoT - it's about IoT being far behind the collective security postures of the components that it's comprised of."

A new report released today from NSFOCUS linked IoT-devices to an increase in SSDP [Simple Service Discovery Protocol] reflection attacks during the second half of 2014. More than 30 percent of compromised SSDP attack devices were network-connected devices such as home routers and webcams, according to the firm.

Read the rest of this story on SecurityWeek.com.

9571
Firewalls IDS/IDP Network Access Control Network->General SCADA
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.