In September, the DDoS takedown of security guru Brian Kreb’s website made history in that it was the largest such reported attack ever, with unwanted traffic to his site reaching levels of 620 Gbps. The attack was also newsworthy as it relied primarily on compromised IoT devices.
Also this month, the industrial industry made strides in IoT security when the Industrial Internet Consortium (IIC) released the initial version of its security framework.
Below you will find a few more IoT security highlights from the month.
If you find any of these topics interesting, we would love to discuss them with you on Twitter. Share your thoughts with us using the hashtag #IoTNewsWrap.
A Combination of IT and OT Are Essential to Securing the Industrial Internet of Things
Industrial IoT's risks are different than standard IoT and they include environmental damage and risk to human safety. At the 2016 Structure Security conference, GE's Tom Le explained how a combination of IT and OT are core to securing industrial IoT.
The Security Guys Are Certainly Not Immune to Attacks
A lot of what we read about securing IoT devices is focused on protecting personal data, remotely updating security vulnerabilities or device hijacking. Earlier in September, a new reality reared its ugly head and is just as concerning: IoT-fueled, distributed denial of service (DDoS) zombie armies. That threat was demonstrated late last week by the take down of well-known infosecurity website KrebsOnSecurity. Run by investigative reporter Brian Krebs, the site has faced some of the strongest and most advanced DDoS attacks ever measured.
There Is No Question IoT Matters, but Lots of Questions Around How to Secure It
A recent survey from IDC conducted over the summer revealed both the promise and the growing pains of IoT. The 27-country survey had more than 4,500 respondents, all from organizations with 100 or more employees and found that IoT is a strategic part of business, but most organizations are still taking a piece-meal approach to securing it.
Could the Security Problems of Connected Homes, Wearables Been Avoided?
Another survey from the summer, this time conducted by the Online Trust Alliance, reported vulnerabilities for consumer connected home and wearable technology products from November 2015 through July 2016. They found that in each case, if device manufacturers and developers had implemented the security and privacy principles outlined in the OTA IoT Trust Framework, the vulnerabilities would not have occurred.
Researchers Find Another Car to Hack
Researchers at Keen Security Lab in China discovered major security vulnerabilities in several Tesla car models, allowing them to remotely apply the brakes, open the boot and perform other actions which could put drivers in danger. The hacks were demonstrated in a video on their site.
As Far as IoT Security Goes, We Haven't Seen Nothing Yet
According to some security experts, we haven’t seen anything yet in regards to major cyberattacks against IoT devices. From connected cars to connected medical devices to smart buildings and cities, security implications are huge.