internet of things thirds of USB sticks that were lost or found on public transport were infected with malware . I guess this raises several issues . Definitely , don ’ t plug any old USB stick you find into your computer - that ’ s how Stuxnet got its start in life after all . The survey also begs the question , of why so many of these USB sticks are infected . Could it be that people are deliberately infecting USBs and ‘ losing ’ them ?
Infected USBs can today be considered a fairly traditional attack vector , along with code attached to downloaded files and drive-bys leaping out of infected websites to get you . The security industry has made a pile of cash developing products to protect us and it ’ s all fairly much in hand . But now we have a game changer because endpoints aren ’ t the same as they were . Firstly , we had the revolution that was the mobile endpoint . Mobile phones and tablets are now huge players on our networks . They have effectively put network endpoints in our pockets and allowed us to take them down the pub and lose them .
The technology to protect them has been available for some time , but the adoption has been woefully slow . You would have thought US Federal Agencies would be right on top of it , but a 2015 survey found 61 percent of agencies do not apply their network security policies to mobile devices !
So what does the future hold for the endpoint ? Without doubt , the Internet of Things ( IoT ) means they are going to be everywhere ! Network attached security systems that give you video pictures of your front door and allow callers to leave recorded messages , are essentially connecting your doorbell to your main processor . Your Hive controlled heating system is connecting you to the Internet .
Despite these being serious systems , many have arrived on our networks and in our homes with gaping holes in their security . British Gas took a thrashing in the national press when their control system was found to be a burglar ’ s dream , easily allowing access to the heating schedule , which could tell them if the owner was at home , or even if they were away for an extended period of time .
Even cars have become endpoints . Until recently they were fairly much selfcontained . Yes , they communicated with the Internet and manufacturers ’ control networks and as such they were hackable . We saw hackers demonstrate that they could take control of a Jeep and run it off the road . This triggered a recall of 1.4 million cars by Chrysler in order to patch the operating system . But they were somebody else ’ s problem in that they didn ’ t communicate with your network , so were not one of your endpoints .
But car manufacturers , including Ford , are developing on-board systems to allow you to carry out vital activities like turning on your smart kettle while on the road . This requires them to connect via the Internet to your own network . On the one hand , that kettle might be ever so smart in that it carries significantly more processing power than the 64 Kb memory operating at 0.043 MHz in the Apollo guidance system that put man on the moon . On the other hand , it ’ s not smart enough to be fully secured against man-in-the-middle attacks that will allow a hacker to penetrate your network .
KIOSK solutions 27
internet of things
thirds of USB sticks that were lost or
found on public transport were infected
with malware. I guess this raises several
issues. Definitely, don’t plug any old USB
stick you find into your computer - that’s
how Stuxnet got its start in life after all.
The survey also begs the question, of why
so many of these USB sticks are infected.
Could it be that people are deliberately
infecting USBs and ‘losing’ them?
Infected USBs can today be
considered a fairly traditional attack
vector, along with code attached to
downloaded files and drive-bys leaping
out of infected websites to get you. The
security industry has made a pile of cash
developing products to protect us and
it’s all fairly much in hand. But now we
have a game changer because endpoints
aren’t the same as they were. Firstly, we
had the revolution that was the mobile
endpoint. Mobile phones and tablets are
now huge players on our networks. They
have effectively put network endpoints in
our pockets and allowed us to take them
down the pub and lose them.
The technology to protect them has
been available for some time, but the
adoption has been woefully slow. You
would have thought US Federal Agencies
would be right on top of it, but a 2015
survey found 61 percent of agencies do
not apply their network security policies
to mobile devices!
So what does the future hold for the
endpoint? Without doubt, the Internet
of Things (IoT) means they are going
to be everywhere! Network attached
security systems that give you video
pictures of your front door and allow
callers to leave recorded messages, are
essentially connecting your doorbell
to your main processor. Your Hive
controlled heating system is connecting
you to the Internet.
Despite these being serious systems,
many have arrived on our networks and
in our homes with gaping holes in their
security. British Gas took a thrashing in
the national press when their control
system was found to be a burglar’s
dream, easily allowing access to the
heating schedule, which could tell them
if the owner was at home, or even if they
were away for an extended period of
time.
Even cars have become endpoints.
Until recently they were fairly much selfcontained. Yes, they communicated with
the Internet and manufacturers’ control
networks and as such they were hackable.
We saw hackers demonstrate that they
could take control of a Jeep and run it
off the road. This triggered a recall of 1.4
million cars by Chrysler in order to patch
the operating system. But they were
somebody else’s problem in that they
didn’t communicate with your network, so
were not one of your endpoints.
But �\�X[�Y�X�\�\��[��Y[��ܙ\�H]�[�[��ۋX��\��\�[\�[��[�H��\��H�]�][X�]�]Y\Z�H\��[��ۈ[�\��X\��]H�[Hۂ�H��Y�\��\]Z\�\�[H��ۛ�X���XHH[�\��]�[�\��ۈ�]�ܚˈۂ�HۙH[�]�]HZY��H]�\�����X\�[�]]�\��Y\��YۚY�X�[�B�[ܙH���\��[����\�[�H
��Y[[ܞH�\�][��]�
�R�[�B�\���ZY[��H�\�[H]]X[��ۈH[�ۋ�ۈH�\�[�]8�&\�����X\�[��Y���H�[H�X�\�YY�Z[���X[�Z[�]K[ZYH]X���]�[[��B�X��\��[�]�]H[�\��]�ܚ˂���S�����][ۜ���