A Health System's leap to IOT
Industrial Scientific Blazes a Trail in IoT
IoT Platforms: What are They and Do You Need One?
IoT Facilitates Enhancements to Water Management Systems
Transforming the Future City
Brenna Berman, CIO, City of Chicago
How Internet of Things (IoT) will Rewire Supply Chains
Chad Lindbloom, CIO, C.H. Robinson
Embracing the Internet of Things
John Sprague, Deputy Associate CIO for Technology and Innovation, NASA
Managing the security risks of IoT devices
Steve Hanna, Distinguished Engineer, Infineon Technologies
Thank you for Subscribing to CIO Applications Weekly Brief
IoT Security And Its Common Threat Vectors
A threat vector is a method or path through which a cybercriminal might get access to your network's essential systems.
Fremont, CA: Digitally linked gadgets and apps are infiltrating many aspects of our life, including our homes, offices, automobiles, and even our bodies. However, to reap the benefits of being linked to the internet, all items are becoming smart. As a result, the Internet of Things (IoT) age is exploding at an alarming rate.
Previously, the danger surface was restricted to just business IT setups, but it has gotten considerably larger in today's environment. So before we discuss IoT security solutions, let's look at some of the danger vectors surrounding it.
A threat vector is a method or path through which a cybercriminal might get access to your network's essential systems. With so many IoT devices linked, the following are the most prevalent threat vectors:
No physical boundaries
IoT devices reside outside of the typical network boundary and in the open. Traditional security techniques for restricting device access are no longer applicable. These devices may be moved to any new place as needed and configured to connect to the network.
Weakly configured Wi-Fi and Bluetooth.
Wi-Fi and Bluetooth settings in IoT devices offer a significant risk of data leakage. Weak encryption mechanisms can allow attackers to obtain passwords while data is getting sent across the network. Furthermore, most passwords are not individually configured for each device, leaving the door open for illegal access to the entire network if just one device gets hacked.
Target data breach through HVAC
Target, a top ten American retailer, claimed that hackers obtained 40 million credit card details in one of the largest data breaches in history. The hackers obtained the credentials from a third-party HVAC provider, gained access to the HVAC system, and subsequently to the corporate network.
Subway PoS Hacking
Several security breaches with PoS have got documented. One of these is the 10 million dollars Subway PoS hack, which affected at least 150 restaurants. A similar incident occurred at Barnes & Noble when credit card readers were affected at 63 of their locations.
Another well-known example of a system breach was revealed in 2018 when the SamSam ransomware targeted the Port of San Diego and the Colorado Department of Transportation in the United States, unexpectedly shutting down their services.