This is excellent advise from the team at KnowBe4. It is a great start to the new year, especially considering all the devices and gadgets received and/or purchased over the holidays.
IoT
Schneier – The Future of Ransomware
This is an interesting essay by Bruce Schneier discussing the future of ransomware in the context of the Internet of Things. Enjoy!
https://www.schneier.com/blog/archives/2017/05/the_future_of_r.html
Rash of in-the-wild attacks permanently destroys poorly secured IoT devices
This article is both very intriguing and a little scary. Please take a moment to consider the implications of relying on IoT devices in your daily life and not properly managing and rotating those default credentials.
Kudos to Bruce Schneier and his blog post for the original heads up.
Regulating the Internet of Things
Always an entertaining and insightful speaker…enjoy this IoT talk from Mr. Schneier.
https://www.schneier.com/blog/archives/2017/03/me_at_the_rsa_c_1.html
Free IoT Vulnerability Scanner Hunts Enterprise Threats
This is a nice, free offering from the team at BeyondTrust.
St. Jude Faces New Claim Heart Implants are Hackable
Threats and vulnerabilities associated with The Internet of Things (IoT) are not just focused on wireless cameras, home routers, and DVRs. There are a myriad of life saving medical devices that communicate via some form of wireless protocol including insulin pumps, pacemakers, and spinal stimulators among others. These devices, if compromised, can cause problems much larger than a simple DDOS attack. A compromised medical device can lead to death. Security must be taken more seriously for these devices in the immediate future.
https://threatpost.com/st-jude-faces-new-claim-heart-implants-are-hackable/121504/
Mirai-Fueled IoT Botnet Behind DDoS Attacks on DNS Providers
This info concerning the Dyn attack was to be expected. Attacks associated with large IoT botnet farms are only going to increase in the immediate future given the effectiveness demonstrated in the DDOS attack against Brian Krebs. For the foreseeable future, this will be a defensive struggle simply because patching options for the IoT devices in question are largely non-existent.
https://threatpost.com/mirai-fueled-iot-botnet-behind-ddos-attacks-on-dns-providers/121475/
At least 15% of home routers are unsecure
This article is in no way surprising, but it does help to continue to focus the conversation around The Internet of Things and why securing those devices is so important for home users, businesses and nation states alike.
http://www.welivesecurity.com/2016/10/19/least-15-home-routers-unsecure/
We Need to Save the Internet from the Internet of Things
This is a very straight-forward and timely article by Bruce Schneier concerning the Internet of Things, framed in the light of the attack against Brian Krebs. There are no simple solutions to this problem, this threat, but it is a threat that should be addressed and the solution or solutions will take time. We need to starting working diligently.
http://motherboard.vice.com/read/we-need-to-save-the-internet-from-the-internet-of-things
SANS Institute in IoT Botnet Warning
Threats associated with the “Internet of Things” are very real and a serious concern. Take a moment and simply count in your head the number of devices active on the Internet in your home – your computers, laptops, gaming consoles, smartphones, handheld games, printers, camera systems, doorbells, thermostats, kitchen appliances – the list goes on and on. All of these devices are potential bot nodes or network entry points.
Think about the firewall at the edge of your DSL or cable modem. Is it secure? Is it properly configured? How often do you connect to it and verify the active connections and associated devices? Take the time to secure your home network just as you would your physical doors and windows. You may have a “door” standing wide open that you never considered.
http://www.infosecurity-magazine.com/news/sans-institute-in-iot-botnet/
https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/