行业新闻 (News) 芯片封装主页/ 行业新闻 / 物联网安全差距正在扩大
< 返回列表

物联网安全差距正在扩大

物联网安全差距正在扩大| EE Times 研究表明,企业的物联网流量正在上升 - 风险也在增加。

In May 2019, my research team analyzed IoT traffic on our cloud for one month to see what types of devices were in use on our enterprise customers' networks as well as the volume of traffic they were generating, their destinations, and any behavior that raised security concerns. During the month, we saw 56 million transactions from 270 different types of devices in more than 1,000 organizations.在2019年5月,我的研究团队分析了我们云上的物联网流量一个月,看看我们企业客户网络上使用了哪些类型的设备,以及他们生成的流量,目的地和任何活动安全问题。本月,我们在1,000多个组织中看到了来自270种不同类型设备的5600万笔交易。

The last time we did a report on IoT traffic was the summer of 2016. The traffic volume we just saw was more than 150 times greater than that of three years ago.我们刚看到的交通量比三年前增加了150多倍。

The problem is that it's super easy to connect devices to your network, but not so easy to see and manage them. Visibility, or the lack thereof, is a gaping problem. If you don't know what devices are sending and receiving communications over the internet, you can't possibly ensure those communications are secure.可见性或缺乏可见性是一个巨大的问题。如果您不知道哪些设备正在发送和接收通信来克服问题,那么将设​​备连接到您的网络很容易,但不容易看到和管理它们。互联网,你不可能确保这些通信是安全的。

In our analysis, we saw a variety of consumer devices generating traffic, such as smart watches, home assistants, and even a few cars. Consumer-grade IoT devices are notorious for weak security, with default passwords that often go unchanged, making them susceptible to brute-force attacks. In fact, IoT malware that we recently analyzed contains lists of default passwords in their code, so such attacks are fairly trivial.消费者不关心安全性差,可用安全性,可用安全因素,可用安全问题,以及各种消费设备产生流量,如智能手表,家庭助理,甚至一些汽车。事实上,我们最近分析的物联网恶意软件包含其代码中的默认密码列表,因此此类攻击相当简单。

It's mind-boggling that in 2019 companies continue to ship products with little to no security. Because nothing is stored on these devices, the prevailing wisdom has been that intrusion prevention and other controls are unnecessary. But the Mirai botnet attack illustrated how misguided that mindset is. Bad actors can easily recruit massive armies of devices that can be used to attack targeted companies, governments, infrastructure, you name it.因为没有任何东西存储在设备上,因为麻烦是有入侵防御和其他控制是没有必要的。但是Mirai僵尸网络遭到攻击糟糕的演员可以很容易地招募大量的设备,可以用来攻击目标公司,政府,基础设施,你可以命名。

Wait, it gets worse.More than 90 percent of the traffic generated by the IoT devices we analyzed last month used the plain-text HTTP protocol, which means that any data they send can be intercepted. It also makes them subject to man-in-the-middle attacks, in which a malicious actor can change what your device is transmitting to an internal server or a supplier, for example.我们上个月分析的物联网设备产生的流量的90%以上使用了纯文本HTTP协议,这意味着他们发送的任何数据都可以被拦截。这也使得它们受到人为干扰例如,中间攻击,恶意行为者可以更改您的设备传输到内部服务器或供应商的内容。

Most internet traffic is encrypted today—as of this writing, SSL/TLS traffic accounts for 94 percent of traffic across今天大多数互联网流量都是加密的 - 截至本文撰写时,SSL / TLS流量占流量的94% Google . There are many good reasons for using encryption and they apply to IoT traffic, too.使用加密有很多充分的理由,它们也适用于物联网流量。

During our analysis, we saw six different malware strains targeting IoT, including a Mirai variant, and each month we block an average of 6,000 transactions from IoT-based malware and exploits. Some of the exploits we analyzed earlier in the year were dropping payloads that exploited vulnerabilities in IoT management frameworks, giving attackers the ability to execute code remotely, typically to turn the infected device into a bot.在我们的分析过程中,我们看到了针对Io的六种不同恶意软件,包括Mirai变种,每个月我们平均阻止6,000次交易。分析了一些漏洞。利用物联网管理框架,使攻击者能够远程执行代码,通常是将受感染的设备转变为机器人

· 2019-06-08 08:25  本新闻来源自:eetimes,版权归原创方所有

阅读:995
  • 联系长芯

    重庆总部:重庆市长寿区新市街道新富大道5号佳禾工业园8栋2层
    电话:023 40819981 (前台)

    深圳办事处:深圳市南山区留仙大道 1213 号众冠红花岭工业南区 2 区 1 栋 1 楼
    电话:0755-26975877 (前台)

    电子邮件:sales@longcore.com

    网址:http://www.longcore.com