The seriousness of KRACK and the threat posed by Wi-Fi vulnerabilities to IoT-enabled devices should not be underestimated, say experts.
This week, the headlines have been full of KRACK, ever since security researchers revealed on Monday the existence of several major security vulnerabilities that could be exploited to steal sensitive information from devices connected to a wireless network.
These exploits are known as Key Reinstallation Attacks – hence the term KRACK – and they affect the WPA2 protocol that is the current industry standard for encrypting traffic on Wi-Fi networks. In other words, a skilled hacker could intercept and manipulate the traffic flowing between a connected device and the web.
The only good news in this whole mess seems to be that the attacker needs some physical proximity to the device itself in order to succeed in this kind of attack. At the very least, that vastly reduces the possibility that KRACK could be used to create botnets.
This is one of eight conclusions drawn from a conference of representatives from the private sector, security community, law enforcement, the European Computer Security Incident Response Teams (CSIRT) community and academia.
The conference was hosted by Europol and Enisa, which have joined forces to tackle the security challenges presented by a wide and diverse ecosystem of up to 20 billion interconnected devices by 2010 and services that collect, exchange and process data to adapt dynamically to a context.
Okay, marketers and technology enthusiasts have been talking about the coming of the Internet of Things (IoT) for years. But with products like Google Home and Amazon Echo emerging and gaining popularity, it’s reasonable to suspect that 2017 is the year that IoT finally starts taking off.Even though original estimates held that we’d see 50 billion “connected” devices by 2020, revised estimates are still targeting nearly 30 billion, representing an industry worth hundreds of billions of dollars in the near future.
I’m writing by the light of a candle, with a pencil in the bathroom. I have to sit here in the dark. You see, the Internet of Things is driving me mad, out of my mind. The appliances in my home are ruining me; sliming me.
I always had trouble with inanimate objects: doors that hit me, shoes that hid from me, hammers that sought out my thumbs and carpets that wanted me flat on my ass. But that was before the Internet of Things; before Silicon Valley issued them with brains.
That nice, useful microwave is a malicious devil. Would you believe that it has gotten the other appliances – all those with computers built in — to conspire against me because of something I wrote belittling the Internet of Things?
Well, the things have taken up arms against me. It is war, plain and simple, in my home.
They bully me. The washing machine emailed me, “I know what you and the boys did last night. Spaghetti and Chianti again?” …’
3It’s easy to be skeptical about new tech trends. Every emerging technology is seemingly touted as the “next big thing,” which leaves consumers and investors to wonder which new thing is truly the next big thing, and what’s just hype.
So I understand why there’s some skepticism among investors about the Internet of Things (even though I think it could be one of the best years to invest in this market). But if you doubt that the IoT has staying power, or worry that it can’t live up to the hype, or that it’s just a fad, let me challenge that thinking by explaining what the IoT is, and more importantly, what it is isn’t.
The internet of things (IoT) is slowly changing the world. It already integrates with numerous industries and can be found in many homes around the globe. Research firms like Gartner and the International Data Corporation (IDC) predict monumental growth in terms of connected devices and profits.
IoT’s rising position, however, may not be wholly due to its own merits. Rather, it’s the intersection with artificial intelligence that is responsible for such advantages as workplace efficiency, cost savings on utility bills, and convenience.
While we’re already reaping rewards from the interplay between AI and the IoT, the duo still has a ways to go to reach its full potential. Consumers, designers, developers, government leaders, and manufacturers are worried about various aspects of the combined technologies. And those concerns must be addressed if we’re to develop a positive, forward-looking roadmap.
A security researcher claims to have established the identity of a programmer behind the code that carried out some recent crippling online attacks.Late last year, hundreds of thousands of connected devices were hacked and used to send debilitating surges of data to servers. These so-called Internet of things (IoT) botnets, made up of hardware such as Internet-connected cameras and broadband routers, were used to take down websites and Internet infrastructure. The most notable attack affected large swaths of the East Coast of the U.S.
Cybercriminals will use distributed denial of service (DDoS) attacks in 2017 to extend their reach as there are now several Internet of Things (IoT) devices containing outdated codes and operating with well known vulnerabilities, a global security firm warned on Monday.
According to Sophos, global network and endpoint security firm, financial infrastructure is at greater attack risk as the use of targeted “phishing” and “whaling” continues to grow.
A consortium of researchers today announced the development of a universal, free, and open-source framework to protect wireless software updates in vehicles. The team issued a challenge to security experts everywhere to try to find vulnerabilities before it is adopted by the automotive industry.
The new solution, called Uptane, evolves the widely used TUF (The Update Framework), developed by NYU Tandon School of Engineering Assistant Professor of Computer Science and Engineering Justin Cappos to secure software updates. Uptane is a collaboration of NYU Tandon, the University of Michigan Transport Research Institute (UMTRI), and the Southwest Research Institute (SwRI), and is supported by contracts from the U.S. Department of Homeland Security, Science and Technology Directorate.
Connected cars are the future for the automotive industry, with more than 90 percent of vehicles expected to have built-in connectivity by 2020. But, as more vehicles link up to the internet, lawmakers are worried about their security.On Wednesday, lawmakers introduced a bipartisan bill in the U.S. House of Representatives that would direct the National Highway Traffic Safety Administration (NHTSA) to study cyber security in vehicles. Rep. Joe Wilson, R-SC, and Rep. Ted Lieu, D-Calif., co-sponsored The Security and Privacy in Your Car Study Act, which hopes to create a standard for safety in connected cars.