Slashdot Mirror

← Back to Stories (view on slashdot.org)

IoT Security Flaw Leaves 496 Million Devices Vulnerable At Businesses, Report Says (crn.com)

Posted by msmash on from the security-woes dept.

Nearly a half-billion Internet of Things devices are vulnerable to cyberattacks at businesses worldwide because of a 10-year-old security flaw, according to a new report from a security software vendor. From a report: The report was published Friday by Armis, a provider of Internet of Things security software for enterprises that focuses on detecting threats in IoT devices at workplaces. The Palo Alto, Calif.-based company has previously made security disclosures, including the BlueBorne malware attack that impacted 5 billion IoT devices.

5 of 108 comments (clear)

  1. a provider of Internet of Things security software by Anonymous Coward · · Score: 3, Insightful

    says these devices have security flaws.

    wait, whut? no fucking way. really?

  2. Re:Just desserts by Ol+Olsoc · · Score: 5, Insightful

    If you let your appliances communicate with anybody but you, you deserve what you get.

    If for some incredibly stupid reason you need the company toilets and cameras and other crap connected toa network, build a separate network for them that never connects to teh intertoobz.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  3. Bullshit attack by mveloso · · Score: 3, Insightful

    This is a bullshit attack. If they've already gotten to the embedded web server then they don't need you to change your thermostat.

  4. Re:This is why I don't trust IoT by Opportunist · · Score: 3, Insightful

    The problem with microcontrollers and security is that security consumes a fair lot of processing power if done right. And while this is really no concern these days for a desktop or even a mobile computer (including smartphones), it still is a concern for lower end IoT devices powered by microcontrollers that can barely accomplish what their function is with the computing power they have.

    And try to justify the 2.50 bucks for the extra IC (or the next powerful IC) to implement sensible security. Not to mention the hundreds of hours.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:They won't learn by LordWabbit2 · · Score: 3, Insightful

    Everything could be made secure. But it isn't and it's not going to happen anytime soon either. Not until people start dropping dead, and by then there will be so many insecure devices that instead of fixing the problem it's cheaper to make a Draconian example of the "hacker". This is already happening, the horse has bolted from the stables, and we CAN'T close the door, so now we crucify the person who finds the horse.

    --
    There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.