• Case Lookup
  • Emerge Login
Locate Us
Join Us
Français
Compugen logo Home
  • Business Solutions ^
    • Business Solutions
    • Datacentre & Cloud ^
      • Datacentre & Cloud
      • Converged Datacentre
      • Cloud Computing
      • Server Virtualization
      • Enterprise Storage
      • Data Management & Protection
    • Communication & Collaboration ^
      • Communication & Collaboration
      • Business Communications
      • Networking
      • Wireless
    • End User Computing ^
      • End User Computing
      • Desktop Management
      • Mobility
      • Application Delivery
    • Security
  • Products & Services ^
    • Products & Services
    • Managed & Packaged Services ^
      • Managed & Packaged Services
      • Managed Solutions
      • End User Support
      • Infrastructure Support
      • Software Management
      • Managed Print
      • Packaged Services
    • Professional Services ^
      • Professional Services
      • Program & Project Management
    • Support & Maintenance ^
      • Support & Maintenance
      • Imaging & Deployment
      • Ongoing Maintenance
      • Staffing
    • Asset Disposal & Recycling
    • Hardware & Software Management ^
      • Hardware & Software Management
      • Hardware
      • Software
      • Online Lifecycle Management (Emerge)
    • Financing
  • Industry ^
    • Industry
    • K-12 Education
    • Higher Education
    • Heathcare
    • Retail
    • SMB
  • Learning Center ^
    • Learning Center
    • Blog
    • Customer Stories
    • Events & Training
    • News & Awards
    • Resources
  • About ^
    • About
    • Our Story
    • Leadership
    • Our Offices
    • Our Partners
    • Careers ^
      • Careers
      • Current Opportunities
    • Green Initiatives
    • Community Involvement
  • Contact Us
IT Buzz Banner

Looking for a little inspiration, some ideas or trusted advice? We've got you covered.

The Internet of Things primer: Security considerations in the era of IoT

Posted By Inder Singh Digital Transformation Architect September 01, 2022

IOT Security

Internet-connected devices have exploded in number in the last decade – making security a bigger challenge than ever before

IoT devices like connected medical equipment, connected vehicles and smart personal devices all collect and exchange data. The data is used to provide information about people wearing these devices or about the environment in which the devices operate, and even control the devices themselves. New devices and smart systems that employ sensors and controllers are being developed at an exponential rate. The speed at which IoT is advancing is causing substantial risk in terms of security and data breaches.

The issue arises due to the lack of security measures built into the early phases of IoT development and is now becoming a major concern. Most of these devices have memory and processor limitations in order to reduce their size and power requirements. The multitude of IoT applications poses its own security challenges as well.

According to Kaspersky Labs, the main problem of smart devices is keeping firmware up to date. Kaspersky indicates that manufacturers are slow to release firmware updates for smart devices, and in a worst-case scenario, they get none at all. What’s more, many devices don’t have the ability to install firmware updates.

Preconfigured passwords set by the manufacturer pose another threat. Often, credentials can be the same for all models of devices for a manufacturer and login/password combinations can easily be found on the Internet. This becomes an issue when administrators do not make an effort to customize device passwords, leaving them vulnerable to attacks. In addition, many IoT devices have their telnet and/or SSH ports exposed to the Internet. A combination of the two makes these IoT devices easy targets.

Although many security breaches have been due to older implementations of IoT, hackers are continually finding ways to exploit new systems. THE VERGE, a technical publication, told the story of Verkada, a Silicon Valley company that provides Security-as-a-Service, who suffered a major breach in 2021. As a result,150,000 security cameras were compromised at Tesla factories and warehouses, Cloudflare offices, hospitals, jails, and schools, among other organizations.

Hackers claimed that they had access not only to the live feed but also to full video archives of Verkada’s customer base. The group gained super admin-level access to the company’s systems using a username/password found on the Internet. From this initial access, hackers were able to access Verkada’s network, including root access to cameras. This, in turn, allowed the hackers to access the internal networks of some of Verkada’s customers.

However, work is being done to reduce the number of IoT breaches. New devices and systems are being manufactured with the ability to update firmware and new firmware is being updated by OEMs more frequently. Data is encrypted as it is collected, and encryption is maintained throughout the data’s journey to the IoT platform, where it is both analyzed and stored. Credentials are being hardened and access is being restricted so that brute force attacks are less likely.

In addition to these measures, becoming more readily available are security products that allow IoT systems to be monitored and assessed for their security posture. These systems also detect and generate alerts for suspicious behaviour on the network.

One such system that we work with is Cisco’s Industrial Threat Defense. This suite of solutions is Cisco’s answer to growing cybersecurity concerns in the IoT/OT domain and is being deployed in various types of enterprises, including manufacturing, oil and gas, power and utilities, and transportation. Industrial Threat Defense services provide network visibility, detect threats, and prevent them from spreading. You can also layer these solutions with your existing security framework to stream security events along with the corresponding context to your security operations centre (SOC) for a truly converged IT/OT protection strategy.

If you’re looking for ways to strengthen the security of your IoT network, reach out to us. We’re here to help.

< Previous Article

Sending your voice to the cloud: The benefits of SaaS telephony

Next Article >

IT problem-solving goes deeper than just technology

We address the bottom of the iceberg. Sign up and get relevant and timely content about our approach to business through an IT lens.

Navigation

Business Solutions

  • Industry
  • Datacentre & Cloud
  • Communication & Collaboration
  • End User Computing
  • Security

Products & Services

  • Managed & Packaged Services
  • Professional Services
  • Support & Maintenance
  • Asset Disposal & Recycling
  • Hardware & Software Management
  • Financing

Customer Stories

  • Corporate
  • Education
  • Energy and Utilities
  • Finance
  • Healthcare
  • Non-profit
  • Public Sector
  • Retail

About

  • Our Story
  • Leadership
  • Our Offices
  • Our Partners
  • Green Initiatives
  • Community Involvement
  • Awards

Careers

  • Working at Compugen
  • Current Opportunities

Contact

  • Find A Location

News & Articles

  • Find A Location
  • Awards

Client Login

  • Case Lookup
  • Emerge Login

Industry

  • K-12 Education
  • Healthcare
  • Higher Education
  • Retail
  • SMB

Connect With Us

  • twitter
  • facebook
  • linkedin
IT Buzz
  • Privacy Policy
  • Accessibility
  • Terms & Conditions
  • National Master Standing Offers (NMSO)
  • Terms of Product Sales
  • Terms for the Supply of Services

©2023, Compugen Inc. Website by Caffeine Creations.