Our friends over at InfoSecurity Magazine have an interesting interview with SANS’ Director of Emerging Security Trends John Pescatore about security and The Internet of Things. Pescatore gets a somewhat skeptical hearing from the enterprise-focused IT security publication. (“Granted, it’s unlikely that anyone would be sending a car an email with a malicious executable, but that doesn’t mean there aren’t threat vectors for hackers to exploit,” InfoSecurity opines, by way of an introduction. Oh really?) But Pescatore brings a “deep field” view to this topic, noting that the security issues around IoT are already upon us in the spent almost two decades as Gartner’s Obi-Wan Kenobi for security, where he advised companies and technology vendors on the best way to navigate the shifting sands of the IT security space. Speaking to InfoSecurity, Pescatore says the 100,000 foot message is: ‘let’s learn from our mistakes.’ Specifically, that means not looking at intelligent devices, including […]
Tag: hardware
The Stylish Sensor: Canary Poised To Take Flight
We’re still in the early days of the fast-emerging Internet of Things, but we can already identify some areas where inexpensive, remote sensors and other IP-enabled stuff will be transformative. Entertainment is one – and we’re already seeing the emergence of “smart TVs” that upset traditional boundaries between personal computing devices and viewing devices. Another market that’s being shaken is the one for home security systems. Anyone who has visited an electronics store or discount warehouse has seen packages of inexpensive, wi-fi enabled cameras that can be used to monitor the goings-on in and about your home “Scarface style.” Those DIY systems pose a threat to firms like ADT, GE and Tyco, which have been selling home security systems and monitoring services for decades. But you’re really setting the “paranoia” bar pretty high if you want to ask someone to install all those cameras, wire them up and then monitor […]
Samsung Smart TV: Like A Web App Riddled With Vulnerabilities
Smart television sets aren’t short on cool features. Users can connect to Facebook and Twitter from the same screen that they’re using to watch Real Housewives of New Jersey, or log into Skype and use a built in- or external webcam to have a video chat. Unfortunately, the more TVs start to look like computers, the more they are becoming subject to the same underlying code vulnerabilities that have caused headaches and heartache in the PC space. That was the message of two researchers at the Black Hat Briefings security conference Thursday, who warned that one such product, Samsung’s SmartTV, was rife with vulnerabilities that could leave the devices vulnerable to remote attacks. Vulnerabilities in the underlying operating system and applications on Samsung SmartTVs could be used to steal sensitive information on the device owner, or even spy on the television’s surroundings using an integrated webcam, said Aaron Grattafiori and Josh […]
Podcast: Black Hat Preview With Trustwave’s Nick Percoco
Next week, the world’s attention will shift to Las Vegas for the annual Black Hat and DEFCON hacking conferences. What will be the big trends this year? We sat down last week with Nicholas Percoco of Trustwave’s Spider Labs to get his thoughts on the show. Nick is a regular at Black Hat and other events – both in the audience and on the stage. He said one of the big themes this year will be hacks on consumer electronics and home automation systems. As we reported, two Trustwave researchers have delved into the security of a wide range of “smart home” technologies, including home automation gateways and even a bluetooth enabled “smart toilet.” Percoco said that manufacturers of these devices need to pay more attention to security, and can’t assume that the people buying their devices are technically sophisticated enough to understand how to safely deploy or manage Internet […]
Breaking And Entering: Hackers Say “Smart” Homes Are Easy Targets
In just the last two years, the price of home automation technology has come way down, while variety has exploded. Smart home technology goes way beyond niche products like the Nest IP-enabled thermostat or (save us) the “HAPIfork.” A growing list of vendors are selling infrastructure to support a whole network of intelligent “stuff”, enabling remote management of home security and surveillance systems, IP-enabled door locks, IP enabled lights, smart home appliances, HVAC (heat and cooling) and more. Pretty cool. And, also, pretty scary. What if that IP-enabled door lock or garage door opener could be hacked by someone outside your home and made to open on its own? Breaking and entering just got a lot easier. Or, what if a HVAC system could be hijacked and remotely disabled or forced to operate in ways that would damage the system or even cause a fire or electrical short in the […]
