https://padlet.com/rona8789/IoT_security "A malicious IOT Module can bring Hackers closer to you" en-us 2022-09-21 02:08:01 UTC 2022-09-21 17:13:38 UTC hello@padlet.com https://img.icons8.com/external-colored-outline-lafs/64/000000/external-IoT-iiot-colored-outline-lafs.png rona8789 https://padlet.com/rona8789/IoT_security/wish/2305987578 2022-09-21 02:14:23 UTC https://padlet.com/rona8789/IoT_security/wish/2305987578 rona8789 https://padlet.com/rona8789/IoT_security/wish/2305990022 IoT cybersecurity is the practice of protecting IoT devices and ecosystems from cyber threats. To counter these threats, there are tools that protect networks from data breaches, while identifying and monitoring risks that aim to reduce vulnerabilities.]]> 2022-09-21 02:16:12 UTC https://padlet.com/rona8789/IoT_security/wish/2305990022 rona8789 https://padlet.com/rona8789/IoT_security/wish/2305996668 IoT security refers to the methods of protection used to secure internet-connected or network-based devices. The term IoT is incredibly broad, and with the technology continuing to evolve, the term has only become broader. From watches to thermostats to video game consoles, nearly every technological device has the ability to interact with the internet, or other devices, in some capacity.]]> 2022-09-21 02:20:55 UTC https://padlet.com/rona8789/IoT_security/wish/2305996668 rona8789 https://padlet.com/rona8789/IoT_security/wish/2305997194 2022-09-21 02:21:18 UTC https://padlet.com/rona8789/IoT_security/wish/2305997194 rona8789 https://padlet.com/rona8789/IoT_security/wish/2306004565 In 2018, there was an ongoing battle between PewDiePie ( the creator ) and T-Series ( an organization) race toward the 100 Million Subscribers milestone. It was all the internet had to offer in that year. The creator's fans were fanatic and were searching for myriad options to promote the channels. Amidst all that, this incident emerged, where some unknown fans Hacked Multiple printers to print a statement suggesting to subscribe to the creator.

Printers are really weak points in the network. They are sort of like IOT modules but with limited functionality. All it takes to hack is a utility called PRET, which is an open-source toolkit.

]]> 2022-09-21 02:26:56 UTC https://padlet.com/rona8789/IoT_security/wish/2306004565 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307229615 Thousands of security cameras created and maintained by Verkada, a Silicon Valley-based firm that offers security as a service, were successfully accessed and controlled by a gang of hackers.

Once they breached the Verkada database, they moved laterally across the network and gained control over a super-admin account. From there, they were able to hijack control of the cameras to launch future attacks and access video footage stored on the cloud of Verkada’s more than 24,000 client list.]]> 2022-09-21 16:44:18 UTC https://padlet.com/rona8789/IoT_security/wish/2307229615 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307245445 Western Digital, a major maker of storage devices, entirely deleted its My Book Live devices. This was caused by two flaws, the first of which made it susceptible to penetration, and the second of which was a serious security flaw that let hackers remotely do a factory reset without a password.

 The My Book Live attack is significant not only because hackers were able to wipe petabytes of user data from each device, but also because it was a Western Digital developer that had actively removed code that required a valid user password before allowing a factory reset to be activated. ]]> 2022-09-21 16:53:40 UTC https://padlet.com/rona8789/IoT_security/wish/2307245445 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307250508 This IoT botnet was made possible by malware called Mirai. Once infected with Mirai, computers continually search the internet for vulnerable IoT devices and then use known default usernames and passwords to log in, infecting them with malware. These devices were things like digital cameras and DVR players.

Lessons it taught

• “Devices that cannot have their software, passwords, or firmware updated should never be implemented.
• Changing the default username and password should be mandatory for the installation of any device on the Internet.
• Passwords for IoT devices should be unique per device, especially when they are connected to the Internet.
• Always patch IoT devices with the latest software and firmware updates to mitigate vulnerabilities.”

]]> 2022-09-21 16:56:45 UTC https://padlet.com/rona8789/IoT_security/wish/2307250508 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307251559 This most recent incident is just another illustration of how gadgets with the greatest of intentions, such as those that notify parents when their infants develop cardiac problems, may become hazardous if abused by a malicious party.

Sadly, this is the case more frequently than not when embedded computing is included in so-called smart gadgets. Unfortunately, these are stories that we will continue to hear if manufacturers and developers don't take this into account and take further precautions to safeguard devices at the hardware layer.]]> 2022-09-21 16:57:17 UTC https://padlet.com/rona8789/IoT_security/wish/2307251559 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307253401 2022-09-21 16:58:27 UTC https://padlet.com/rona8789/IoT_security/wish/2307253401 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307254516 2022-09-21 16:59:06 UTC https://padlet.com/rona8789/IoT_security/wish/2307254516 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307255739 2022-09-21 16:59:53 UTC https://padlet.com/rona8789/IoT_security/wish/2307255739 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307261529 By exploiting a firmware update vulnerability, they hijacked the vehicle over the Sprint cellular network and discovered they could make it speed up, slow down, and even veer off the road. Its proof of concept for the emerging Internet of Things (IoT) hacks: While companies often ignore the security of peripheral devices or networks, the consequences can be disastrous.”]]> 2022-09-21 17:03:36 UTC https://padlet.com/rona8789/IoT_security/wish/2307261529 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307263708 Kamalanathan et al.

Types of IoT risks

• Ethical IoT risk:  This refers to the unforeseen adverse effects of unethical actions using IoT devices.
• Security and privacy IoT risk: This refers to the exploitation of vulnerabilities in the system to gain access to assets with the intent to cause harm.
• Technical IoT risk: This is due to hardware or software failure because of poor design, evaluation, etc.

]]> 2022-09-21 17:05:05 UTC https://padlet.com/rona8789/IoT_security/wish/2307263708 rona8789 https://padlet.com/rona8789/IoT_security/wish/2307273826 To increase the security of linked devices and the environments in which they are used, NIST's Cybersecurity for IoT initiative has developed and connected standards, guidelines, and related technologies. This initiative seeks to empower advancement on a global scale by collaborating with partners from across government, business, universal bodies, and academia. According to NIST, there are a number of possible approaches to IoT conformity assessments, including 
(a) creating different assessments based on device type and function, 
(b) letting industry lead the way in developing requirements and assessment approaches, 
(c) designing assessments to allow for the flexibility required to meet market demand, and 
(d) utilizing various conformity assessment strategies based on the risk associated with device type or environment.

To safeguard the privacy of persons, the security of data and the security of devices are NIST's three main objectives for IoT risk management. NIST is a commonly used framework for risk management and is ideal for preparing for catastrophe and recovery in areas where IoT technology is present.]]> 2022-09-21 17:11:30 UTC https://padlet.com/rona8789/IoT_security/wish/2307273826