CIA Exploits of IoT Devices, What Lessons Can We Learn?

Tags: , , , , , , |

By Alan Grau, Icon Labs,, We are often asked by industry insiders if they should be worried about the CIA hacking their device and eavesdropping on their conversations. While that might be a concern for some, the bigger fear is with so many vulnerable IoT devices, a malicious cyber-attack could potentially impact

BlackBerry show how to start improving software security

Tags: , , , , , |

Imagine this... you run an organization producing products that incorporate significant amounts of software. You know that security wasn’t a concern when much of that software was written. You know that insecure products are no longer acceptable and that you have to do something. But where do you start? If you are in this

WANTED: Consumer IoT / Smart Home Security Reviewers and Best Practice Adopters

If you're security conscious you'll notice that there has not been any slow down in the media on consumer IoT hack-related stories. The hack on light bulbs from Osram is just of the most recent - and we expect a lot more as Blackhat and DEF CON 24 get underway. What's interesting about a lot

Medical IoT – A Call to Action

Tags: , , , , , , |

IoT will become all-pervasive in industry, business and domestic settings, and healthcare is one of the sectors which has a great deal to gain. Introduction of IoT-type technologies is already underway - for example in wearables, implantables, injectables, robotics and automation. Yet there is likely to be pain as adoption rates increase and significant concerns

Establishing Principles for Internet of Things Security Part 2

Tags: , , |

Does the data need to be trusted? In part one of this blog series, we looked at whether the data needs to be private? In this blog, we tackle the issue of trust in IoT devices and systems. Data may need to be protected from tampering/modification in transit. This may be a malicious attacker,

Establishing Principles for Internet of Things Security

Tags: |

Security is an important part of almost every IoT deployment yet is often neglected in the development of systems. This blog series looks at questions that need to be considered when designing an IoT device, system or network. A common theme throughout is that investment in security at the design phase can save a lot

Report: Insecurity in the Internet of Things

Tags: , , , |

IoTSF founder member ElevenPaths have just released a trend report titled "Insecurity in the Internet of Things" The report is freely downloadable from HERE "Security lessons of the past 20 years have often been forgotten by existing technology vendors" Executive Summary In terms of expectation and anticipation, the Internet of

How VW might have patched their software

Tags: , , , |

Security is a moving challenge. What is secure today may not be tomorrow - especially if your product or business is successful. It's the nature of the emerging IoT business. This is why resilience must be an important part of your approach to security and why IoTSF has highlighted it as an area for greater