Tag: internet of things

1
Interlopers in Things? IoT devices may be used as backdoors to your network
2
US Internet of Things bill advanced to vote on House floor
3
So you plug your shiny Tesla in to charge…
4
Internet of Things security flaw – key card locks vulnerable
5
Apple Watch data leads to arrest of suspected murderer
6
“Hey Google, could you be used against me in court?”
7
Cybersecurity in the age of the Internet of Things
8
Amazon Web Services announces Internet of Things (IoT) security service
9
Update everything: Discovery of Wi-Fi flaw in connected devices
10
Is your IoT device putting you at risk?

Interlopers in Things? IoT devices may be used as backdoors to your network

By Cameron Abbott and Karla Hodgson

This month Microsoft reported that its Threat Intelligence Center discovered that IoT (internet of things) devices – a VOIP phone, a printer and a video decoder – were used to gain access to corporate networks in April.

Microsoft have identified Strontium – also known as Fancy Bear or APT28 – as the culprit, a hacker group associated with the Russian government who appear to be targeting government, IT, military and defence, engineering, medical and education sectors. Strontium has been linked to the hacking of Hillary Clinton’s presidential election campaign and of the email accounts of researchers investigating the missile strike on MH17 and the Skripal poisonings. In the last 12 months alone Microsoft has delivered almost 1,400 notifications to those targeted or compromised by Strontium.

Read More

US Internet of Things bill advanced to vote on House floor

By Cameron Abbott and Rebecca Gill

Just a few months ago, we blogged on the ‘Internet of Things’ (or IoT) legislation making an appearance in the US Senate. But now the legislation may be becoming a reality. On Wednesday, the House Committee on Oversight and Reform advanced the Internet of Things Cybersecurity Improvement Act of 2019 to a vote on the House floor.

The bipartisan legislation aims to reduce the risk to critical government information technology infrastructure from cyberattacks, and directs the National Institute of Standards and Technology to develop recommendations for use and management of internet-connected devices by March 31 2020.

Read More

So you plug your shiny Tesla in to charge…

By Cameron Abbott and Wendy Mansell

…and suddenly you are at risk of starting fires.

We all know that these days the Internet of Things is a favourite for cyberattacks, with the latest target being home charging stations for electric cars.

Many home charging stations are controlled remotely by mobile apps, which seem to provide the perfect opportunity for hackers to cause harm.

Hackers cleverly can infiltrate an account and turn charging off or even worse, they may change the current to the extent it can start a fire.

Once again the industry needs to take security seriously for IoT and have the same diligence as IT networks now do.

Internet of Things security flaw – key card locks vulnerable

Cameron Abbott, Warwick Andersen, Rob Pulham and Georgia Mills

It is a technology so innocuous that it hardly gets a second thought: electronic hotel key cards have been replacing the humble lock and key for over two decades. A recent study by Finnish security researchers has revealed a vulnerability in the technology. The discovery came as a result of the researchers’ obsession over many years to solve a mystery of how a laptop was stolen from a hotel room without leaving a trace. (Small consolation that it cannot have been easy to do given how long it took!)

Read More

Apple Watch data leads to arrest of suspected murderer

By Cameron Abbott and Allison Wallace

Last month we blogged about the potential for data from our smart devices being used against us in court. Well, that potential has now been realised in Australia, with prosecutors in a murder trial in Adelaide telling the court that data from the victim’s Apple Watch helped pin down her suspected murderer.

Read More

“Hey Google, could you be used against me in court?”

By Cameron Abbott and Allison Wallace

Smart home devices like the Google Home and Amazon Echo were popular gifts this past Christmas – just like Fitbits have been the Christmases past.

But could these smart devices that we rely on to seek out and relay information to us, turn on our favourite music, or count our calories and steps, be used to produce evidence against us, if we were to commit a crime? Read More

Cybersecurity in the age of the Internet of Things

By Cameron Abbott, Keely O’Dowd and Harry Crawford

The Internet of Things (IoT) allows unprecedented interconnectivity for consumers, and unfortunately for those consumers, hackers as well.

The European Union Agency for Network and Information Security (ENISA) recently released a report to provide insight into the security requirements of IoT and good practices recommendations on preventing and mitigating cyber-attacks against IoT systems. The report even includes examples of IoT cyber security attack scenarios.

Read More

Amazon Web Services announces Internet of Things (IoT) security service

By Cameron Abbott and Giles Whittaker

Amazon Web Services rolled out an IoT service called IoT Device Defender to limit risks from unsecured IoT devices. The service will monitor an entire fleet of devices for compliance policies and best practices. As such, an organization can set the normal operational parameters and policies for a given fleet of devices and then Device Defender will make sure those policies are enforced.

Read More

Update everything: Discovery of Wi-Fi flaw in connected devices

By Cameron Abbott, Rob Pulham and Olivia Coburn

A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.

The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.

Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.

Read More

Is your IoT device putting you at risk?

By Cameron Abbott and Giles Whittaker

As the uptake of IoT (Internet of Things) devices increases, industry experts question whether adequate cybersecurity measures are in place. While we are not surprised with the results of a recent survey, it has been confirmed that IoT devices represent the next big cybersecurity threat.

A Tripwire study found 96% of surveyed IT pros expect to see an increase in security attacks on IoT. The study acknowledges the promise of these devices in facilitating tasks and bringing convenience, but also notes the risk they pose as they’re not always built with security in mind. The study found the industries facing the biggest threat include energy, utilities, government, healthcare and finance with devices connecting the Industrial Internet of Things viewed as susceptible to serious consequences. David Meltzer, COO at Tripwire, says there must be a change in the level of preparation for such attacks or the realization of these risks will be experienced.

Copyright © 2019, K&L Gates LLP. All Rights Reserved.