Tag Archive for: IoT

The U.S. Government is Creating Security Standards for IoT Devices

/in


Summary


The U.S. Government is Creating Security Standards for IoT Devices
The U.S. Government is Creating Security Standards for IoT Devices

A new security bill is awaiting signature by President Trump. It directs the National Institute of Standards and Technology (NIST) to create minimum cybersecurity standards for IoT devices owned or controlled by the U.S. government. The standards will include use and management of IoT devices, as well as coordinated disclosure of vulnerabilities.

Let’s take a look at how the security bill will benefit organizations that use IoT devices.

 


Bringing (some) order to IoT device security chaos


The lack of security standards has been an issue since IoT devices became popular a decade ago, with their widespread usage outpacing the industry’s ability to agree on how to protect them.

The failure to agree hasn’t been for lack of trying. For the last few years, several industry and government groups created standards to improve interoperability and security of IoT devices, including:


In spite of these groups’ efforts, there hasn’t been sufficient incentive for the industry to align around a single set of standards. The result has been a patchwork of guidelines that address only some aspects of IoT device security.

For example, the European Union Agency for Cybersecurity (ENISA) performed a gap analysis on the existing standards related to IoT security and found that “…it is possible to deliver a device to the market that can authenticate its user, that can encrypt data it transmits, that can decrypt data it receives, that can deliver or verify the proof of integrity, but which will still be insecure.”

The current lack of standards on IoT vulnerability reporting and handling means that vendors aren’t under any obligation to disclose or remediate vulnerabilities, leaving millions of vulnerable devices at risk of…

Source…

IoT chip maker Advantech confirms ransomware attack, data theft

/in


IIoT chip maker Advantech hit by ransomware, $12.5 million ransom

11/30/20 Update below. This post was originally published on November 28th, 2020. It has been updated to reflect Advantech’s confirmation of the attack.

Industrial automation and Industrial IoT (IIoT) chip maker Advantech confirmed a ransomware attack that hit its network and led to the theft of confidential, albeit low-value, company documents.

BleepingComputer was also able to confirm that the Conti ransomware gang was the one that hit the systems of Advantech and is now demanding a $14 million ransom to decrypt affected systems and to stop leaking stolen company data.

Advantech is a global leading manufacturer of IT products and solutions, including embedded PCs, network devices, IoT, servers, and healthcare solutions, with a workforce of over 8,000 people in 92 major cities around the world.

The company was the world industrial computing leader with a 34% WW Market Share in 2018 and it reported a yearly sales revenue of over $1.7 billion in 2019.

Ransom set at 750 Bitcoins

The Conti operators behind the attack on Advantech’s network have set a ransom of 750 BTC (roughly $12,600,000 at today’s exchange rate) for full data decryption and for removing stolen data from their servers according to a chat log seen by BleepingComputer.

Conti also said that they are willing to decrypt two of the encrypted files before the ransom is paid as proof that their decryptor works.

The ransomware operators added on November 21, 2020, that they will leak part of the stolen data if there was no reply from the company within the next day.

Conti Advantech chat log

On November 26, the group began publishing Advantech’s data on their ransomware data leak site as a 3.03GB archive with 2% of the stolen data and a text document with a list of files included in the ZIP archive.

The ransomware gang also stated that if the ransom is paid they will immediately remove any backdoors deployed on the company’s network and will provide security tips on how to secure the network to block future breaches.

They also said that any stolen data would be deleted once the payment goes through. Despite their promises, research by ransomware negotiation firm Coveware has shown that some ransomware operations don’t actually remove deleted…

Source…

Internet of Things (IoT) Security Product Market – Growth, Trends, and Forecast (2020

/in


Internet of Things (IoT) Security Product Market - Growth, Trends, and Forecast (2020 - 2025)
The recent study report on  Internet of Things (IoT) Security Product  market aims to provide an end-to-end analysis of this industry vertical with respect to drivers, challenges, opportunities that will influence the business growth in coming years. Furthermore, the report elaborates the industry segmentation in great length to uncover the top growth prospects for the stakeholders in the upcoming years.
According to industry analysts, the  Internet of Things (IoT) Security Product  market is predicted to garner considerable gains with a CAGR of XX% during the forecast period 2020-2025.
Considering the latest updates, the outbreak of COVID-19 has severely impacted several businesses worldwide, leading to uncertainties in economic conditions. Although the pandemic hasn’t affected some industries, a significant number of businesses are being forced to cut down on costs and alter their strategies. Our detailed insights into the changing market dynamics post the COVID-19 pandemic aims to help the partakers develop strong contingency plans to ensure strong returns in the future.
Request Sample Copy of this Report @ https://www.express-journal.com/request-sample/259922
Key highlights of the  Internet of Things (IoT) Security Product  market report:
  • Prediction of growth rate of the market and its sub-markets during the analysis timeframe.
  • Global COVID-19 impact on industry growth trends.
  • Major opportunities.
  • Statistical coverage of overall sales volume and revenue.
  • Advantages and disadvantages of indirect and direct sales channels.
  • Vitals regarding the top traders, dealers and distributors.

Internet of Things (IoT) Security Product market segments covered in the report:

Regional bifurcation: North America, Europe, Asia-Pacific, South America and Middle East and Africa

  • Country-wise analysis.
  • Figures pertaining to total sales and returns captured by each geography.
  • Market share held by each region.
  • Information on estimated growth rate values as well as revenue secured by each region during the forecast period.

Product types: End-point or Device Security, Network Security, Identity and Access Management, Vulnerability…

Source…

A Long Day (with no Cybersecurity)

/in