At last, influential policymakers are slowly becoming aware of the damages unsecured IoT devices can cause. Recent attacks on high profile targets, exploiting cameras and routers, have attracted a lot of attention. Some of the issues will not likely be solved until manufacturers improve the security of their systems. However, many attack vectors could be eliminated easily with appropriate precautionary measures. Currently, the Federal Office for Information Security (BSI) is drafting a new module to address IoT device security. Although it does not refer to specific manufacturers or technologies, the proposal includes concepts for securing IoT devices so that they cannot be manipulated or accessed without authorization to compromise data and IT security within an organization or to target other organizations.
Another first for 2016: at the weekend, another unprecedented event occurred which left significant numbers of Deutsche Telekom customers with difficulties accessing the internet or no internet access at all. As is now widely known, the outage was caused by a malicious attack – which was not entirely successful − rather than a technical fault. The attackers attempted to exploit the TR-069 protocol used on customer routers and add them to a bot net. 900,000 users are reported to have been affected.
More and more devices in doctor’s offices and hospitals are connected to networks. Diagnoses and therapies are now stored digitally at hospitals, laboratory reports are transmitted over the internet and hospitals and health insurance companies communicate digitally. As these systems process highly sensitive patient data, they must meet extremely high security requirements. This has not always worked in practice with incidents occurring on an annual basis (1). The cost of ransomware attacks – which have recently increased sharply in the health sector – are extremely high. In February 2016, blackmailers demanded USD 5.77 million from a hospital in California.
The Internet is a wondrous place. The most convenient and massive source of information. You have the luxury of accessing any web-site with a simple mouse click. Particularly useful for students. It allows everyone to find and compile all the relevant information quickly; explore popular tourist destinations; find recipes for tasty meals or maybe even get some professional help from Australian assignment writers.
Where is your IT manufacturer based? What used to be a trivial matter of image has now become a security issue. Three years after Edward Snowden’s revelations, CEOs understandably feel uncomfortable when their IT infrastructure consists of routers and switches from different vendors. Some companies are known to have been affected by the efforts of the American National Security Agency (NSA) either through code manipulation or backdoors in certain products. In relation to these developments, the quality label of IT security made in Germany carries even more weight.