sb-au logo
Story image

IoT security in danger of being ignored, says Trend Micro

05 Apr 2017

Security in Internet of Things (IoT) devices has been highlighted by the recent Mirai and Dyn botnet attacks - and Trend Micro says that most of those devices come with preset, easy passwords and inactivated security.

Organisations that install the technology also suffer by not ever using reinforced configurations, which means hackers can exploit significant holes, Trend Micro says.

Trend Micro says that organisations shouldn’t be dissuaded from using IoT technology, as it is opening up a vast space for data collection and consumer convenience. 

IoT security will improve, but organisations must take steps to protect their hardware from attacks - and data privacy issues. It will require management, but the outcome will be worth it, the company says.

Trend Micro says that configuring every single sensor or creating a firewall for their coffee maker is a mission, which is why most organisations fail to correctly configure devices without changing standard authorisations. 

However, everything must be configured so that attackers are left with no possible exploit holes. Data breach systems can detect unusual behaviour in networks, which also helps to spot malicious access in IoT devices, Trend Micro says.

Organisations must address how IoT devices collect, use and disclose information they connect. In addition, there should also be clear rules about how user data is secured and deleted. If there are no rules, it means systems and data could be at risk if attackers get in.

Unsecured IoT devices allow attackers to get in and then execute much bigger attacks. The Dyn DDoS attacks took down Netflix, Twitter and Spotify through unsecured IoT devices such as cameras, routers, DVRs and other household appliances, Trend Micro says.

The company also cites hacker tools such as Shodan, which can be used to search for exposed cyber assets and gain each device’s IP address, application and firmware versions.

Trend Micro says that organisations must configure their devices correctly for their specific organisation’s requirements. Use passwords that are complex and difficult for hackers to guess. Data breach systems will also trigger an alert for any malicious access to IoT devices.

Story image
CISOs, don't underestimate the importance of soft skills
There is increasing importance on Chief Information Security Officers (CISOs) having and developing the skill of emotional intelligence, a new report states.More
Story image
Kaspersky ranked number one in channel partner satisfaction
“Being recognised for the second consecutive year as the number one cybersecurity vendor for channel satisfaction, reflects the investment we have made in the Kaspersky United partner program over the past two years."More
Story image
Y Soft adds to identity verification solution portfolio
Y Soft is adding to its portfolio of identity verification solutions with the release of a new secure identity verification for networked printers.More
Story image
Palo Alto Networks turns attention to supporting remote workforces
"We’re working with more organisations to pivot their security architecture and move towards a cloud-delivered security model that can safely connect any user, to any application, from anywhere.”More
Story image
Investing in digital trust for the post-pandemic business landscape
Business leaders in 2021 need to make sustainable investments to give their organisations a much-needed resilience boost to tackle new disruptions, while still enabling growth.More
Story image
Leader wins Acronis distribution agreement, brings cyber protection solutions to Aus
The agreement covers the entire Acronis Cyber Protect Cloud solution portfolio, which includes cybersecurity, backup, disaster recovery, secure file sync and share, as well as notary services.More