Guide to Identify if ISPs are Spying on your IoT devices
A lot of attacks today happen by tricking a user in different ways—by asking to open a malicious file, clicking on a link, or asking them to enter specific personal information in a fake website. But hacking strategies are a little different when it comes to IoT. This happens partly because often, there is no interface for the user to interact with, but additionally, the devices themselves present poor implementations and vulnerabilities of security measures.
Since, with IoT devices, every manufacturer has their own firmware, designs their architecture, and uses different protocols, understanding the architecture comes first, followed by identifying the components involved, and determining the way devices interact among themselves. The ideal way to do it is by making a diagram of service to find out what could go wrong with every part involved, thus allowing you to define the attack surface and work out the different individual vectors that could be used. Your analysis at this stage can be as precise as you require; try and identify the components that could be useful in helping you search for possible vulnerabilities.
Once you have the diagram and your analysis lab ready, look for the vulnerabilities by seeing how you interact with different components beyond the regular flow. Start with devices meant for communication that are intercepting some traffic entering or exiting the device, through Bluetooth, or Wi-Fi, or even a TV’s remote controller. It is very usual for such devices to send information between some of their components and not request any authentication or use insufficient encryption.
You can begin to run your own security if there are any smart devices in your home. The AttfyOS operating is system is a fine tool to start with.
Big Data: Blessing or a Boon?
By John Kamin, EVP and CIO, Old National Bancorp
By Gregg T. Martin, VP & CIO, Arnot Health
By Dave Doyle, CIO & SVP, IT, Regal Entertainment Group
By Sergey Cherkasov, CIO, PhosAgro
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Mike Fitton, Wireless Business Unit Director, Altera
By Jim Kaskade, VP and GM, Big Data & Analytics, CSC
By Thomas Musgrave, EVP & CIO, AmeriCold Logistics
By Vin Sharma, Director, Strategic Planning & Marketing, Big...
By Federico Flórez, Chief Information & Innovation Officer,...
By Barbara Adams, VP, Innovative Technology Solutions, Texas...
By John Mason, CIO, Bottomline Technologies
By Jamshid Khazenie, CTO, USA Today Network / Gannett
By Miguel Gamino, CIO & Executive Director-Department of...
By Bill Schimikowski, VP, Customer Experience, Fidelity...
By Tom Bressie, Vice President, Oracle Cloud
By John Landwehr, Public Sector CTO, Adobe
By Aaron Gette, CIO, The Bay Club Company
By Denise Zabawski, CIO, Nationwide Children's Hospital
By Amit Bahree, Executive, Global Technology and Innovation,...