Internet of Things

ComputerWorldIndependent

Windows Trojan hacks into embedded devices to install Mirai

Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they’re less vulnerable.

Researchers from Russian antivirus vendor Doctor Web have recently come across a Windows Trojan program that was designed to gain access to embedded devices using brute-force methods and to install the Mirai malware on them.

Mirai is a malware program for Linux-based internet-of-things devices, such as routers, IP cameras, digital video recorders and others. It’s used primarily to launch distributed denial-of-service (DDoS) attacks and spreads over Telnet by using factory device credentials.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

AT&T, IBM, Nokia join to make IoT systems safer

Some big players in security and the internet of things, including AT&T and Nokia, are joining forces to solve problems that they say make IoT vulnerable in many areas.

The IoT Cybersecurity Alliance, formed Wednesday, also includes IBM, Symantec, Palo Alto Networks, and mobile security company Trustonic. The group said it won’t set standards but will conduct research, educate consumers and businesses, and influence standards and policies.

As IoT technologies take shape, there’s a danger of new vulnerabilities being created in several areas. Consumer devices have been in the security spotlight thanks to incidents like the DDoS attacks last year that turned poorly secured set-top boxes and DVRs into botnets. But the potential weaknesses are much broader, spanning the network, cloud, and application layers, the new group said in a press release.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

Ransomware soars in 2016, while malware declines

A global cyberthreat report released Tuesday found that 2016 was a mixed bag: malware was down slightly, but ransomware attacks soared, up 167 times the number recorded in 2015.

In addition to that huge increase in ransomware, 2016 saw a new line of cybercrime from a large-scale DDoS attack through internet of things devices. The principal case occurred in October when the Mirai botnet attacked unprotected IoT devices, such as internet-ready cameras, resulting in a DDoS attack on Dyn servers.

The 2016 report, by cybersecurity company SonicWall, looked at data from daily network feeds sent from more than 1 million sensors in nearly 200 countries.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

AT&T extends NetBond service to secure IoT connections

The internet is what made IoT happen, providing a common protocol to take the place of separate, specialized networks. But the public internet itself may not always be the best path between a connected device and the cloud.

Enterprises can now connect cellular IoT devices to back-end systems via NetBond, a private network service from AT&T, instead of the Internet. The NetBond service sets up a VPN (virtual private network) from an edge device to the cloud. It can connect to 16 different public clouds, including Amazon Web Services and Microsoft Azure, or a private or hybrid cloud.

To read this article in full or to leave a comment, please click here

Read More

(Insider Story)

Read More
IndependentKrebs

The FTC’s Internet of Things (IoT) Challenge


One of the biggest cybersecurity stories of 2016 was the surge in online attacks caused by poorly-secured “Internet of Things” (IoT) devices such as Internet routers, security cameras, digital video recorders (DVRs) and smart appliances. Many readers here have commented with ideas about how to counter vulnerabilities caused by out-of-date software in IoT devices, so why not pitch your idea for money? Who knows, you could win up to $25,000 in a new contest put on by the U.S. Federal Trade Commission (FTC).

Read More