Tuesday 28 January 2014

Is the Internet of Everything Under Attack, Asks Trend Micro @TrendMicro

The “Internet of Everything” (also known as the Internet of Things) became one of the biggest technology buzzwords of 2013. This term refers to the increased digitization of everyday objects, and with new technology devices being designed with connectivity in mind, securing these devices has becomes the next big security challenge.

2014 already has a glittering array of interesting technologies lined up for launch. Gamers have a lot to look forward to. Furthermore, not only has the latest console war started, but Valve will also bring Linux gaming to the fore with the Steam Machine, The Oculus Rift may revolutionize interactive gaming. Gaming has already been a lucrative target for criminals, with gaming accounts regularly traded in criminal forums. If the Steam Machines proves popular, a rise in Linux malware may be on the cards.
2014 could also be the year that augmented reality (AR) starts to become more common in everyday life. There are already many AR apps that can be played on the smartphone; however a phone is not well suited for AR. Users need to take it out of their pockets, unlock it, open an app, aim it at the object of interest – and even after all that users are working with a relatively small 4 or 5-inch screen.
AR works best with full immersion – and that’s where wearable technology like Google Glass and SpaceGlasses come in. There are many interesting technical and even psychological attacks that can be carried out against such devices. For example, owners of these devices are (almost literally) walking around with a camera attached to their head. It’s not a major leap for a criminal specializing in banking malware to realize that this is an excellent way to capture banking PINs and passwords.
Also, since the discovery of Stuxnet the ICS/SCADA community has come under intense scrutiny from the security industry. Most security conferences now feature at least one talk on SCADA security. Trend Micro’s Forward Looking Threat Research team released a series of papers on the topic in 2013 and proved that SCADA attacks are not just theoretical, but are taking place in reality.
In 2014 this will certainly continue, especially in targeted attacks or cases of blackmail and extortion. Trend Micro believes that a new area is really starting to heat up for security researchers and attackers alike – the whole area of radio-based communications. Because radio uses no wires and is sent “magically” through the air, many people assume (wrongly) that it is secure.
This year, Trend Micro showed that the AIS standard used for ship tracking has many issues – and other researchers showed similar issues with ADS-B (which is used in aviation). Trend Micro expects to see more such research released in 2014. More technology that were never designed with security in mind, or to be easily accessible remotely – are suddenly being connected to the Internet, leaving their security holes for everyone to see.
With all of this interesting and emerging technology on the horizon, will attacks on the Internet of Everything become a major issue in 2014? Trend Micro, does not think so, however attacks on IoT devices and the underlying architecture will be a major area of attack in the future, which future will not be until 2015 and beyond.
As discussed further in our 2014 security predictions, what is missing right now is the “killer app” that will drive mainstream adoption of IoT. There are many innovative devices, but no massive breakthroughs. Google Glass (or something like it) may be the closest to finding its “killer app”, but even then it will take time to become fully mainstream. Criminals will wait for a critical mass of users that can be targeted, however, once such a device does reach mass appeal – cybercriminals of this world will not be slow to act.

1 comment:

Chandrapal Singh said...

sometimes we become confused between internet of things and internet of everythings, if you are to then you can resolve your issues form here .. http://bit.ly/2irs7Is

Post a Comment