Answer

Mitigating Internet of Things issues and securing the network

The Internet of Things is a term being thrown around a lot lately. It sounds a lot like Skynet from the "Terminator" movies, but can you explain what this term means and the extent to which I should be concerned about defending my network from the threats IoT poses?

    Requires Free Membership to View

Ask the Expert

Perplexed about network security? Send us your questions today! (All questions are anonymous)

More of an abstraction than a reality, the Internet of Things is nonetheless a fascinating emerging change in the IT landscape that deserves serious contemplation on the part of security professionals.

What is the Internet of Things and what are some Internet of Things issues? Simply put, it's the term for the increasing number of nontraditional computing devices that are being given some sort of Internet connectivity and hence popping up on consumer and enterprise networks. This could be anything from a high-tech vehicle to a basic household appliance. While this scenario sounds infeasible, take into consideration the proliferation of wireless technologies that society has cultivated over the span of just two decades. If you consider that this exponential advancement in wireless functionality is predicted to continue, the aforementioned infeasibility doesn't sound 100% infeasible.

Recent articles suggest that the security implications of the Internet of Things may already be upon us, mentioning several experiments that have been conducted in lab environments. In one such experiment, a group of researchers hacked into the GPS system of a yacht and remotely steered the yacht off-course.

So, how does a security professional prepare for what's to come? For starters, enterprises should require vendors to assert that their products will not succumb to the issues listed in the OWASP Top 10 list of common application vulnerabilities. Network scanning and enumeration should be done on a frequent basis to account for what exactly resides on a given network, though it remains to be seen whether this will become impractical as the Internet continues to move from IPv4 to IPv6, posing challenges for traditional network-scanning techniques. The basis for this assertion is due to the large number of IP addresses available within IPv6. With that said, I would suggest that enterprises perform frequent penetration testing in the event that the IoT becomes a reality as a supplement to network scanning.

In short, the Internet of Things is definitely a fun concept to speculate about -- and one that infosec may call moderately anxiety-worthy. To best prepare, security professionals should stay up to speed on the latest trends regarding the various wireless technologies and stay vigilant with regard to experimental ones.

This was first published in February 2014

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: