IOT News Roundup

IIC members preparing to test time-sensitive networking standard; Senate bill calls for IoT research, support; AgeCheq offering new consumer data safeguard; HARMAN, NXP demo V2X technology; Pwnie Express reports on "Internet of Evil Things"; GlobalSign, Infineon partner on IoT security.
By Mary Catherine O'Connor

Pwnie Express Details Most Data-Insecure Devices

Pwnie Express, a provider of digital security solutions for enterprise customers, has released a research report, titled "The Internet of Evil Things: Top Connected Device Threats 2016." As the title implies, the report surveys the security risk associated with IoT devices. The report is based, in part, on the results of an online survey that Pwnie Express conducted in December 2015. The respondents included more than 400 global information security professionals. Half of the respondents said they are either "very concerned" or "extremely concerned" by security threats posed by devices connected to their enterprise's network, and 86 percent expressed at least some level of concern. Sixty-seven percent said they are more worried about connected-device threats than they were a year ago, while 55 percent have witnessed an attack via a wireless device, and 38 percent have witnessed an attack via a mobile device.

A major source of worry is the growing use of cellular and other mobile devices linked to corporate networks but not administered or managed by the company, respondents said. In fact, 37 percent of respondents said they can't tell how many devices are connected to their networks, while 40 percent indicated that their organizations are "unprepared" or "not prepared at all" to detect security threats posed by IoT devices connected in their networks.

As part of this research initiative, Pwnie Labs (the research and development division at Pwnie Express) aggregated and analyzed more than seven million wireless and wired devices detected by its SaaS-based Pwn Pulse platform, which enables broad-spectrum device visibility of bring-your-own (BYO) mobile, wireless, Bluetooth, wired and other connected devices on and around enterprise networks. It compared this analysis to data collected in 2014. Among its findings are that Xfinity Wi-Fi had taken the lead as the most common default open wireless network; that Hewlett-Packard printers are the most prevalent wireless devices deployed with a vulnerable default communication settings configuration (exposing confidential print jobs and compromising corporate client devices to hackers) and offering a backdoor into private corporate networks; and that 35 percent of wireless access points deployed within the last six to 12 month show weak or no encryption. The full report can be downloaded from the Pwnie Express website.

GlobalSign, Infineon Partner on Security Solutions

GlobalSign, a provider of identity and security solutions, has partnered with chipmaker Infineon Technologies and the InterOperability Lab at the University of New Hampshire (UNH-IOL) to demonstrate the application of hardware, public key infrastructure (PKI) and cloud services in IoT environments. GlobalSign's PKI security platform will be deployed with Infineon's OPTIGA Trusted Platform Module (TPM) SLB9645 chip, which stores the private key required to execute cryptographic functions, such as authentication and encryption.

This combined solution employs the TMP standard from the Trusted Computing Group and can be easily integrated into a variety of IoT platforms, according to the companies. In addition to providing a laboratory to demonstrate this IoT security solution, UNH-IOL will provide interoperability testing for their combined products.

JOIN THE CONVERSATION ON TWITTER
Loading
ASK THE EXPERTS
Simply enter a question for our experts.
Sign up for the RFID Journal Newsletter
We will never sell or share your information
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations