Hackers graduate to financial gain as motivation for IoT attacks
📲Securing IoT devices is a top priority for organisations looking to implement this new technology.
The phrase Internet-of-Things (IoT) has gone from buzzword to common speech, having had an impact on almost every industry and sector. Once an abbreviation that seemed bound for fad-status among the tech elite, even the average consumer now embraces “IoT” as a category of connected technology that’s increasingly all around us.
In fact, it’s estimated that the IoT market hit a staggering $20.35 billion valuation in 2017 and is only set to continue past $75.44 billion by 2025. That means that the perception that IoT is “all around us” is going to go great leap further in under a decade – and the implications will be dramatic.
Especially in the context of cybersecurity, what will an omnipresence of connected devices tracking our every move mean for the hacking community?
We’re already starting to get a taste of what the future holds today when it comes to hacked IoT, as headlines over the past year have consistently focused on ever-increasing “muscle-flexing” on the part of hackers. As with any major technological change that’s embraced so rapidly by the masses, cracks in the façade will inevitably emerge as best practices catch up with the rate of adoption. IoT devices are especially prone to this chain of events, as industries and individuals are often bringing IoT solutions into their workflows before security is assured or a defense against threats is even mapped.
Evolving from DDoS to Financial Gain
Take, as an example, the distributed denial of service (DDoS) attacks that leveraged common household and office IoT devices over the course of 2016 and 2017. The Mirai attack, for instance, was a DDoS operation that used an army of botnet-infected IoT devices to flood Twitter, GitHub and the PlayStation network – to name just a few victims – with “loud” network traffic that drowned out legitimate directives from network administrators. This overwhelmed the targets’ servers, forcing them to shut down. First detected in October 2016, active strains of the Mirai virus were still being reported as recently as December 2017.
While the Mirai attack continues to be causing financial hurt for those affected parties, it was widely considered an exercise in showboating for the hacker Paras Jha, who recently pleaded guilty to hacking charges alongside two of his classmates. Jha and his cohorts made the vulnerabilities to IoT networks – even those connected to tech giants – glaringly obvious, which only opens the doors for “one-upsmanship” that will give IoT hacking over the next year a new motive: Malicious actors looking for financial gain will inevitably attempt to leverage those vulnerabilities, taking advantage of readily available ransomware and PII for big paydays.
In fact, research group Forrester made this prediction one of its top forecasts for the next year. Instead of being motivated solely by political, social, or military reasons – as had been forecasted in previous years – cybercriminals will likely be driven by financial gain moving forward, as the black market for malware and the Dark Web continue to mature, Forrester noted.
Bracing for the future
Fighting the increasingly persistent threats that will affect enterprise IoT networks requires a similarly comprehensive approach to security that IT takes with their standard network connectivity. For starters, organizations need to immediately ensure the security of their existing IoT infrastructure by assessing their hardware for security gaps, including weak encryption implementation or inadequate patching functions.
📲Securing IoT devices is a top priority for organisations looking to implement this new technology.
The phrase Internet-of-Things (IoT) has gone from buzzword to common speech, having had an impact on almost every industry and sector. Once an abbreviation that seemed bound for fad-status among the tech elite, even the average consumer now embraces “IoT” as a category of connected technology that’s increasingly all around us.
In fact, it’s estimated that the IoT market hit a staggering $20.35 billion valuation in 2017 and is only set to continue past $75.44 billion by 2025. That means that the perception that IoT is “all around us” is going to go great leap further in under a decade – and the implications will be dramatic.
Especially in the context of cybersecurity, what will an omnipresence of connected devices tracking our every move mean for the hacking community?
We’re already starting to get a taste of what the future holds today when it comes to hacked IoT, as headlines over the past year have consistently focused on ever-increasing “muscle-flexing” on the part of hackers. As with any major technological change that’s embraced so rapidly by the masses, cracks in the façade will inevitably emerge as best practices catch up with the rate of adoption. IoT devices are especially prone to this chain of events, as industries and individuals are often bringing IoT solutions into their workflows before security is assured or a defense against threats is even mapped.
Evolving from DDoS to Financial Gain
Take, as an example, the distributed denial of service (DDoS) attacks that leveraged common household and office IoT devices over the course of 2016 and 2017. The Mirai attack, for instance, was a DDoS operation that used an army of botnet-infected IoT devices to flood Twitter, GitHub and the PlayStation network – to name just a few victims – with “loud” network traffic that drowned out legitimate directives from network administrators. This overwhelmed the targets’ servers, forcing them to shut down. First detected in October 2016, active strains of the Mirai virus were still being reported as recently as December 2017.
While the Mirai attack continues to be causing financial hurt for those affected parties, it was widely considered an exercise in showboating for the hacker Paras Jha, who recently pleaded guilty to hacking charges alongside two of his classmates. Jha and his cohorts made the vulnerabilities to IoT networks – even those connected to tech giants – glaringly obvious, which only opens the doors for “one-upsmanship” that will give IoT hacking over the next year a new motive: Malicious actors looking for financial gain will inevitably attempt to leverage those vulnerabilities, taking advantage of readily available ransomware and PII for big paydays.
In fact, research group Forrester made this prediction one of its top forecasts for the next year. Instead of being motivated solely by political, social, or military reasons – as had been forecasted in previous years – cybercriminals will likely be driven by financial gain moving forward, as the black market for malware and the Dark Web continue to mature, Forrester noted.
Bracing for the future
Fighting the increasingly persistent threats that will affect enterprise IoT networks requires a similarly comprehensive approach to security that IT takes with their standard network connectivity. For starters, organizations need to immediately ensure the security of their existing IoT infrastructure by assessing their hardware for security gaps, including weak encryption implementation or inadequate patching functions.
🔥The top 4 industrial enterprise requirements of IoT application enablement platforms (AEP)
1. Pick a platform that focuses on developer usability
2. Choose a platform that has a flexible and scalable deployment model
3. Select a platform that has operational sophistication
4. Ensure an IoT platform vendor has a well-executed partnership strategy and relevant platform ecosystem
1. Pick a platform that focuses on developer usability
2. Choose a platform that has a flexible and scalable deployment model
3. Select a platform that has operational sophistication
4. Ensure an IoT platform vendor has a well-executed partnership strategy and relevant platform ecosystem
Mnubo secures $16.5 million in series B funding round to accelerate expansion of IoT solutions
Mnubo, an IoT data analytics and artificial intelligence (AI) provider, has raised $16.5 million in a series B financing round to speed up the global expansion of its SmartObjects IoT analytics and data science solution.
Throughout the world, SmartObjects aims to helping service providers and equipment manufacturers in furthering their data monetisation strategy. Johnson-Controls Hitachi is among the prominent manufacturers who are using SmartObjects.
Greg Barats, president and CEO of HSB Group, a Munich Re arm that led the financing round and also a strategic commercial partner of Mnubo, said: “We’re thrilled about this strategic partnership with Mnubo to bring to market a suite of financial and insurance related products based on artificial intelligence and machine Learning on IoT equipment datasets. HSB can help Mnubo’s customers realize meaningful results from their IoT investments."
Frederic Bastien, president and CEO of Mnubo, said: “We are spearheading the transformation of the IoT landscape by enabling a data-driven versus a connectivity-driven business model. Companies must focus on business outcomes through IoT insights in order to stand-out in a crowded and confusing market. HSB has 150 years of experience in insuring commercial and industrial equipment; this alliance with Mnubo enables the next-generation of IoT manufacturers and enterprises to benefit from a portfolio of IoT-based, data-driven financial products to accelerate RoI by enabling IoT data monetisation.”
In another funding raising story, cybersecurity enterprise VDOO has secured $13 million to formulate and commercialise its IoT security platform. According to VDOO, its first-of-its-kind IoT platform can provide security certification for a wide array of connected devices via an automated, end-to-end process that analyses the devices, gives the most accurate security requirements and implements guidance based on that analysis.
Mnubo, an IoT data analytics and artificial intelligence (AI) provider, has raised $16.5 million in a series B financing round to speed up the global expansion of its SmartObjects IoT analytics and data science solution.
Throughout the world, SmartObjects aims to helping service providers and equipment manufacturers in furthering their data monetisation strategy. Johnson-Controls Hitachi is among the prominent manufacturers who are using SmartObjects.
Greg Barats, president and CEO of HSB Group, a Munich Re arm that led the financing round and also a strategic commercial partner of Mnubo, said: “We’re thrilled about this strategic partnership with Mnubo to bring to market a suite of financial and insurance related products based on artificial intelligence and machine Learning on IoT equipment datasets. HSB can help Mnubo’s customers realize meaningful results from their IoT investments."
Frederic Bastien, president and CEO of Mnubo, said: “We are spearheading the transformation of the IoT landscape by enabling a data-driven versus a connectivity-driven business model. Companies must focus on business outcomes through IoT insights in order to stand-out in a crowded and confusing market. HSB has 150 years of experience in insuring commercial and industrial equipment; this alliance with Mnubo enables the next-generation of IoT manufacturers and enterprises to benefit from a portfolio of IoT-based, data-driven financial products to accelerate RoI by enabling IoT data monetisation.”
In another funding raising story, cybersecurity enterprise VDOO has secured $13 million to formulate and commercialise its IoT security platform. According to VDOO, its first-of-its-kind IoT platform can provide security certification for a wide array of connected devices via an automated, end-to-end process that analyses the devices, gives the most accurate security requirements and implements guidance based on that analysis.
IoT security threat already exercising industry minds
The focus for those responsible for earmarking research and development funds in the security world is to use some of the power of the cloud and machine learning to search more widely and quickly for threats.
The recent Meltdown processor security flaw has revealed that the problems go well beyond Windows vulnerabilities and exploiting websites and there are concerns that the growing number of IoT devices entering the market will widen the attack vectors even further.
John Gmuender, CTO and senior vp engineering at SonicWall, said that it had exposed the Meltdown issue thanks to some of the deep machine learning tools it had developed and was already looking to make investments in other areas to keep making life difficult for cyber criminals.
"The key thing about IoT is that it is not like a Windows or Mac and there is no anti virus. The processor is small and can't run it," he said.
The firm is looking at helping beef up network security to take the burden of protecting off the IoT devices.
"With IoT most people are just looking to do a secure channel between the IoT device or chip. But increasingly those SSL links are getting corrupted," said SonicWall CEO Bill Conner.
The firm found Meltdown using its Capture Cloud Real-Time Deep Memory Inspection (RTDMI) product and Gmuender said that the processor security flaw was going to be an issue that the channel would be helping customers deal with for quite some time to come.
"The processor firms will hurry to produce new chips that shouldn't be able to go after memory in the kernel," he added that it already had tools that would deal with the problem but in the long term customers might look to invest in fresh kit to ensure they got decent performance.
Conner said that once it started running its deep memory inspection product it found hundreds of new threats and the attackers had been able to sidestep some of the more traditional tools and get their malware installed under the radar.
The focus for those responsible for earmarking research and development funds in the security world is to use some of the power of the cloud and machine learning to search more widely and quickly for threats.
The recent Meltdown processor security flaw has revealed that the problems go well beyond Windows vulnerabilities and exploiting websites and there are concerns that the growing number of IoT devices entering the market will widen the attack vectors even further.
John Gmuender, CTO and senior vp engineering at SonicWall, said that it had exposed the Meltdown issue thanks to some of the deep machine learning tools it had developed and was already looking to make investments in other areas to keep making life difficult for cyber criminals.
"The key thing about IoT is that it is not like a Windows or Mac and there is no anti virus. The processor is small and can't run it," he said.
The firm is looking at helping beef up network security to take the burden of protecting off the IoT devices.
"With IoT most people are just looking to do a secure channel between the IoT device or chip. But increasingly those SSL links are getting corrupted," said SonicWall CEO Bill Conner.
The firm found Meltdown using its Capture Cloud Real-Time Deep Memory Inspection (RTDMI) product and Gmuender said that the processor security flaw was going to be an issue that the channel would be helping customers deal with for quite some time to come.
"The processor firms will hurry to produce new chips that shouldn't be able to go after memory in the kernel," he added that it already had tools that would deal with the problem but in the long term customers might look to invest in fresh kit to ensure they got decent performance.
Conner said that once it started running its deep memory inspection product it found hundreds of new threats and the attackers had been able to sidestep some of the more traditional tools and get their malware installed under the radar.
❤️Hello everyone, fans of IoT! Perhaps it will be better to talk not only about Iote on the channel, but about something else interesting and modern (for example, Augumented Reality of Virtual Reality).
Please choose your solution by clicking on the button below:
😁 AR,😉VR,😚IoT,😐Something else
Please choose your solution by clicking on the button below:
😁 AR,😉VR,😚IoT,😐Something else
If you chose something else😐, write me please @zelinskiy_vasia and share your idea. Thank you)
Why IoT in agriculture is set to see ‘incredible’ growth until 2025
The use of IoT solutions in agriculture can bring in a revolution to the industry by enhancing productivity, minimising agriculture wastage, and overcoming climate related natural calamities, according to a new missive from Transparency Market Research.
Enhanced agricultural productivity implies a decline in the number of undernourished individuals, the count of which stands at 795 million between 2014 and 2016, as per the Food and Agriculture Organization data.
The need for IoT in the agricultural industry is driven by the need to monitor health and performance of livestock and the uncertainties in climate change, which negatively impacts agriculture production. However, the growth of IoT in agriculture market is restrained due to a lack connecting services in agriculture. It is anticipated that the IoT in agriculture market will witness incredible growth during 2025. The increasing use of internet and smartphones is anticipated to make significant growth opportunities for the IoT in agriculture market throughout the world.
The use of IoT in agriculture incorporates advanced technologies and solutions for real-time monitoring of agricultural fields via real-time collection and analysis of data. In addition, IoT can be used for several other agricultural tasks such as examining livestock, inventory management, soil monitoring, climate control, moisture monitoring, nutrient monitoring, crop scouting, yield monitoring, smart logistics and the list continues.
At a time when unfavourable weather conditions throughout the world are affecting production, integration of IoT is expected to show significant rise to surmount these issues. Cisco Systems, AGCO, Semios Technologies, SenseFly, DeLaval and Advanced Ag Solutions are among some of the leading providers of advanced agricultural IoT solutions.
Meanwhile, a new report from ReportLinker has projected that the IoT market will grow to $561.04 billion by 2022 from $170.57 billion in 2017, at a CAGR of 26.9%.
The use of IoT solutions in agriculture can bring in a revolution to the industry by enhancing productivity, minimising agriculture wastage, and overcoming climate related natural calamities, according to a new missive from Transparency Market Research.
Enhanced agricultural productivity implies a decline in the number of undernourished individuals, the count of which stands at 795 million between 2014 and 2016, as per the Food and Agriculture Organization data.
The need for IoT in the agricultural industry is driven by the need to monitor health and performance of livestock and the uncertainties in climate change, which negatively impacts agriculture production. However, the growth of IoT in agriculture market is restrained due to a lack connecting services in agriculture. It is anticipated that the IoT in agriculture market will witness incredible growth during 2025. The increasing use of internet and smartphones is anticipated to make significant growth opportunities for the IoT in agriculture market throughout the world.
The use of IoT in agriculture incorporates advanced technologies and solutions for real-time monitoring of agricultural fields via real-time collection and analysis of data. In addition, IoT can be used for several other agricultural tasks such as examining livestock, inventory management, soil monitoring, climate control, moisture monitoring, nutrient monitoring, crop scouting, yield monitoring, smart logistics and the list continues.
At a time when unfavourable weather conditions throughout the world are affecting production, integration of IoT is expected to show significant rise to surmount these issues. Cisco Systems, AGCO, Semios Technologies, SenseFly, DeLaval and Advanced Ag Solutions are among some of the leading providers of advanced agricultural IoT solutions.
Meanwhile, a new report from ReportLinker has projected that the IoT market will grow to $561.04 billion by 2022 from $170.57 billion in 2017, at a CAGR of 26.9%.
The core skills needed for businesses adopting Internet of Things technology
- Technical skills
- Technology experts
- Partner training
- Technical skills
- Technology experts
- Partner training
MIT’s low power encryption chip could make IoT devices more secure
The Internet of Things hasn't ever been super secure. Hacked smart devices have been blamed for web blackouts, broken internet, spam and phishing attempts and, of course, the coming smart-thing apocalypse. One of the reasons that we haven't seen the same sort of encryption as the web affords, however, is that such protection is energy-intensive. MIT is working on a new chip, however, to perform this sort of public-key encryption that only uses 1/400 as much power as a software solution would. In addition, the chip uses about 1/10 as much memory and executes processes 500 times as fast.
MIT researchers used a technique called elliptic-curve encryption, which relies on a mathematical function to secure transactions. The new chip sets itself apart by being able to handle any kind of elliptic curve, which, in addition to low power use and a high speed of computation, makes it much more useful as an encryption solution. "Cryptographers are coming up with curves with different properties, and they use different primes," said lead author Utsav Banerjee in a statement. "There is a lot of debate regarding which curve is secure and which curve to use, and there are multiple governments with different standards coming up that talk about different curves. With this chip, we can support all of them, and hopefully, when new curves come along in the future, we can support them as well."
The Internet of Things hasn't ever been super secure. Hacked smart devices have been blamed for web blackouts, broken internet, spam and phishing attempts and, of course, the coming smart-thing apocalypse. One of the reasons that we haven't seen the same sort of encryption as the web affords, however, is that such protection is energy-intensive. MIT is working on a new chip, however, to perform this sort of public-key encryption that only uses 1/400 as much power as a software solution would. In addition, the chip uses about 1/10 as much memory and executes processes 500 times as fast.
MIT researchers used a technique called elliptic-curve encryption, which relies on a mathematical function to secure transactions. The new chip sets itself apart by being able to handle any kind of elliptic curve, which, in addition to low power use and a high speed of computation, makes it much more useful as an encryption solution. "Cryptographers are coming up with curves with different properties, and they use different primes," said lead author Utsav Banerjee in a statement. "There is a lot of debate regarding which curve is secure and which curve to use, and there are multiple governments with different standards coming up that talk about different curves. With this chip, we can support all of them, and hopefully, when new curves come along in the future, we can support them as well."
Particle Launches 'Lego Bricks' For IoT Mesh Networks, Sells 5K In Five Hours
IoT is amazing and world-changing. It's also hard to implement.
That conundrum is exactly what Particle, which raised $20 million last year to simplify the emerging internet of things, is trying to fix with Particle Mesh. Mesh offers two chipsets for enabling gateway nodes for IoT mesh networks -- one for WiFi, the other for cellular networks -- and a $9 version for connecting smart devices to the gateway nodes.
Mesh networks make sense for low-cost IoT devices because instead of each device requiring both expensive hardware (LTE radio chips) and expensive connectivity (cellular subscriptions), developers can simply connect five, 10, or 50 devices to one single network connection. In addition, longer-distance cellular radios require more power than short-range networks.
Apparently, there's a massive need for simple ways to implement cheap network connectivity for IoT devices.
"Particle has already sold 5,000 units in 5 hours," a representative told me today. "Not bad for hardware that's not available until the summer!"
The local network protocol is OpenThread, a mesh networking technology originally built by Google and released under and open source license. It's self-forming and self-healing by design, which is good for complex and changing IoT realities, and IPv6 compliant, so each node on the network will have its own addressable IP address.
IoT is amazing and world-changing. It's also hard to implement.
That conundrum is exactly what Particle, which raised $20 million last year to simplify the emerging internet of things, is trying to fix with Particle Mesh. Mesh offers two chipsets for enabling gateway nodes for IoT mesh networks -- one for WiFi, the other for cellular networks -- and a $9 version for connecting smart devices to the gateway nodes.
Mesh networks make sense for low-cost IoT devices because instead of each device requiring both expensive hardware (LTE radio chips) and expensive connectivity (cellular subscriptions), developers can simply connect five, 10, or 50 devices to one single network connection. In addition, longer-distance cellular radios require more power than short-range networks.
Apparently, there's a massive need for simple ways to implement cheap network connectivity for IoT devices.
"Particle has already sold 5,000 units in 5 hours," a representative told me today. "Not bad for hardware that's not available until the summer!"
The local network protocol is OpenThread, a mesh networking technology originally built by Google and released under and open source license. It's self-forming and self-healing by design, which is good for complex and changing IoT realities, and IPv6 compliant, so each node on the network will have its own addressable IP address.
