Oh great. The world’s internet security professionals are increasingly worried about what they are calling the Internet of Evil Things.
These concerns stem from the risks posed by connected Internet of Things (IoT) devices — a problem which is set to grow, even as resources and visibility into such connected devices have stagnated, according to a new survey.
The study of the views of more than 400 global IT security professionals, called “The Internet of Evil Things: Top Connected Device Threats 2016” by InfoSec outfit Pwnie Express shows that even as awareness of vulnerable devices grows in 2016, information security (InfoSec) professionals are not ready or equipped to manage the consequences.
The Connected Device Problem
According to the study, an overwhelming majority (86 per cent) of InfoSec professionals are concerned with connected device threats, with 50 per cent either “Very” or “Extremely” concerned.
Their fears have risen sharply in the last 12 months, with 67 per cent more worried about connected device threats than they were a year ago.
Perhaps most troubling is what is driving their concerns — first-hand experience. More than half (55 per cent) have witnessed an attack via wireless device, and 38 per cent have witnessed an attack via mobile device, according to the study’s authors.
Blame is also sheeted home to the proliferation of wireless and mobile devices and the prevalence of BYOD and BYOx environments. In fact, more than a third of those surveyed said they didn’t know even how many devices were connected to their networks.
The authors note, “Additionally, 40 per cent note their organisation is ‘Unprepared’ or ‘Not prepared at all’ to find connected device threats.”
According to Paul Paget, CEO, Pwnie Express “As the IoT universe continues to grow, the corresponding attack surface for malicious actors is growing, giving them an easy and unsecured way into your organisation’s most sensitive information — and this has understandably put information security professionals on edge.”
Yet, he said, despite ever-growing concerns around the proliferation of connected devices on and around their networks, more than one third of organisations admit to having no BYOD policy in place at all. Only 24 per cent actually have a budget in place for BYOD security technology. “This tells us that security professionals desperately need help educating the corner office and those in charge of the purse strings about the new evils and dangers their organisations face in our ever-evolving IoT world.”
Among the other findings:
- Most security professionals are not ready to monitor or detect less-common RF and off-network IoT devices;
- Eighty-nine per cent cannot see Bluetooth devices, and 87 per cent cannot monitor 4G/LTE devices in real time;
- Seventy-one percent cannot monitor off-network WiFi devices in real time;
- Fifty-six per cent cannot monitor on-network IoT devices in real time.
Subsequently, the vast majority (71 per cent) are concerned with devices in a default, misconfigured, or vulnerable state, including devices with default passwords and “Wide-open” settings, according to the study.
When Pwnie Labs aggregated and analysed more than seven million wireless and wired devices detected by the Pwnie platform, they were able to some ket differences between the 2014 and 2015 data.
For instance, Coolpad devices, at 30 per cent, overtook Samsung as the maker of devices accounting for the most prevalent vulnerable mobile hotspots.
HP Print, meanwhile has overtaken Xfinitywifi as the most common default open wireless network. And HP printers are the most prevalent wireless devices deployed in a highly vulnerable default configuration, at 56 per cent. While exposing confidential print jobs and compromising corporate client devices, these printers can be also used as a back door into private corporate networks.
This article is by Buffy Montauben and first appeared on B&T’s sister site www.which-50.com
Sustainable soap brand Single Use Ain’t Sexy has been greeted with a huge influx of support after raising over half a million dollars in funding via a crowdfunding campaign. The brand has launched itself into the ‘green economy’ by calling on the Australian public to financially back them and their mission to get Aussies to […]
Queer Artist Ryan James Caruthers has publically slammed software company Unfold after it asked to use the artist’s work for free as part of its Pride Month social media campaign. Caruthers took to Instagram to show screenshots of the conversation he had with Unfold after it asked the artist to share 12 of his images […]
After relaunching in September last year, TWOOBS has become a ‘kinda’ shoe brand by also focusing on making the world a ‘kinder’ place and creating more consumer-conscious shopping. The vegan shoe brand founded by sisters Jess and Stef Dadon changed its marketing approach last year and stopped using social media to push sales the old-fashioned […]
Highly experienced tourism marketer Kelly Ryan has been appointed to lead the marketing efforts at Visit Sunshine Coast (VSC). During the past 12 years, Ryan has supported Canberra’s tourism industry in senior marketing roles, including as director of strategy and insights as well as director of marketing at VisitCanberra. Most recently, Ryan has been working […]
GHO Sydney has developed a new educational platform for Family Planning NSW to help parents and carers of children with disabilities navigate the changes to their bodies, emotions and social interactions. The project, ‘Planet Puberty’, was made possible through funding from the federal government’s Department of Social Services, and was co-designed with people with disability […]
JCDecaux today announced conservation organisation, Bush Heritage Australia, as its major charity partner for 2021. The partnership is part of a series of ‘social impact’ initiatives the business is launching this year, under the banner of JCDecauxHEART. JCDecauxHEART focuses on three areas of social impact: health and mental health, environmental sustainability, and enriching urban communities. […]
Shameless Media’s Michelle Andrews and Zara McDonald’s latest podcast, The Books That Changed My Life, will launch exclusively on LiSTNR on Tuesday, 15 June. Throughout the series Michelle and Zara will talk with guests including Kevin Kwan, Laura Henshaw, Jock Zonfrillo, Susan Carland, Hamish Blake and Delta Goodrem about the books that have had a profound impact […]
In celebration of Pride Month, cult streetwear brand Champion has announced an Australia-and New Zealand-first Pride range, Champions of Pride, and ongoing partnership with the Queer Sporting Alliance. Championing a cause, celebrating community, and aiming to create real change, the capsule collection proudly heroes the Pride colours in a selection of signature Champion tees, iconic […]
Following the successful deployment of BankiFi’s technology platform at The Co-operative Bank in the UK, BankiFi has appointed Lloyd Parata to lead their expansion into the Australian Financial Services market. BankiFi’s technology platform ensures banks remain relevant by offering SMEs an innovative solution to operate their business, whilst avoiding common challenges like late payment. Parata, […]
Mars Wrigley 5 Gum has partnered with Twitch to launch Team CLUTCH, a team of Twitch streamers who will assemble on for three live squad streams tackling popular games like Fortnite while embodying the brand’s ethos of ‘life happens in 5’. This partnership builds on 5 Gum’s 2020 Twitch activation, and is set to create […]