- Security TWENTY
- Women in Security
Most (80.1pc) IT professionals worry about the potential for attacks originating through their Internet of Things (IoT) devices, according to a recent survey by a US security software company. The survey for Lieberman Software Corporation also showed that most IT pros (63.1pc) are not confident that their organizations can track and manage all the IoT devices on their networks. The survey was among nearly 160 attendees of RSA Conference 2017.
The Internet of Things consists of billions of devices. That figure may reach tens of billion by 2020. This rapid growth in connectivity has likewise increased cyber security threats. In response to these threats the IoT security market is estimated to reach a valuation of $36.95 billion by 2021, according to Marketsandmarkets.com.
Last year’s DDOS attack on DNS provider Dyn, which took down Twitter, Pinterest, Netflix and other major web sites, has been referred to as a wake up call about the dangers of unsecured connected devices. The attack on Dyn was orchestrated using the Mirai botnet, which is largely made up of IoT devices. The attack also illustrated the dangers of unsecured default passwords on these devices.
The Lieberman survey queried respondents about changing default passwords on the IoT devices in the network. More than half (50.7pc) admitted they do not have a process to change these passwords.
Philip Lieberman, pictured, President and CEO of Lieberman Software, called the responses to this survey a good representation of the emerging threat of unsecured IoT devices. He said: “Every one of these connected devices has an administrative back door that poses a risk. My advice to organizations is to assume that the credentials for their IoT devices are already compromised. And considering the vast number of devices in large enterprises, the only way to handle securing these credentials is through an automated security solution that can manage the scale.”
Other IoT topics measured in the survey include:
– The estimated number of IoT devices on respondents’ networks – about 40pc have more than 500
– Whether or not IT professionals change the built-in passwords on devices in their homes – 72pc do
– If the subject of built-in passwords on IoT devices is included in their IT security planning – 60pc said yes.
For more on the survey see http://go.liebsoft.com/IoT-Security-Survey.