Internet of Things (IoT) is posing a real threat to the cybersecurity of public and private sector systems. This disruptive technology is creeping into workplaces, homes and industrial facilities as technologists deploy monitoring devices, smart controllers and other technologies designed to have an impact on the physical world. The IoT is here to stay, with estimates that deployments will grow to include more than 50 billion Internet-connected devices by 2020. By Mike Chapple Hackers are also noting the widespread use of IoT devices, and analysts are beginning to see devices being used as both the target of attacks and a means for attacking traditional systems. Recent reports underscore the significant risk that a software vulnerability in a single category of IoT devices can pose to the physical safety and the cybersecurity of other networked devices. The proliferation of these devices, combined with terrorist interest in undermining them, requires a strong response from agency security teams. Attacking the IoT Attackers may decide to directly target a software vulnerability in an IoT device to cause undesirable effects. Forbes reports that hackers have consistently used baby monitors, security cameras, cable boxes and other IoT devices to harass people in their homes. In a troubling report, Wired explained how cybersecurity researchers Charlie Miller and Chris Valasek were able to remotely control a Jeep by hacking the vehicle’s entertainment system over the cellular network. As a result of these violations, government agencies must pay careful attention to the development of IoT as a disruptive technology, particularly in sectors where it might jeopardize public safety. The growth of technology use in healthcare, transportation, public safety and other regulated industries raises concerns about the potentially disastrous impact of a vulnerability in those devices. In order to combat potential threats, healthcare providers and government agencies should take advantage of secure medical devices and other IoT systems. Security measures for these devices should include:
- Placing IoT devices on segmented networks that isolate them from both direct internet access and other devices on the network. Controlling the devices that may communicate with IoT systems, as well as the systems that IoT devices may contact, dramatically reduces the potential for attack.
- Implementing strong authentication measures that verify the identities of users and administrators connecting to IoT devices.
- Monitoring vendor security bulletins for vulnerability announcements and applying security patches to IoT devices promptly after release. IoT devices must be treated with the same care and attention to configuration management as any other networked device.
- Encrypting the communications to and from IoT devices. Data streams and control channels for IoT devices should use encrypted, secure communications channels to prevent eavesdropping.
- Samsung’s government technology solutions help agencies provide a secure IoT experience with tools such as the Samsung Knox security platform for mobile devices.
- Read the original article on Insights.Samsung.com