Page 7 - index
P. 7
Why Visibility is Critical to Securing the Internet of Things
By Chris Rouland, Founder & CEO, Bastille
Depending on which analyst firm you tend to believe, it is estimated that there are currently
between 10-13 billion connected devices worldwide. In addition, projections forecast an
explosion of devices will hit the mass market– everything from wearables and Bluetooth to
home appliances and medical devices – adding up to 50 billion connected devices or more by
2020.
As the world becomes increasingly more connected, there is a rising fear over the security of
corporate and personal privacy within our hyper-networked environments.
The majority of the world is still adapting to threats using the Internet as a means to exploit
device vulnerabilities. In fact, businesses and consumers are paying more attention to
cybersecurity concerns than ever before, as evident by the projected growth of the Information
Security Market, which is largely expected to exceed $125 Billion in 2015, according to Global
Industry Analysts.
But a recent study from Israel’s Ben-Gurion University paints a different picture; one that
suggests we might not be securing all of the right networks and devices in all of the right places,
as environments once considered impenetrable are now at realistic risk of falling victim to
malicious cyber activity.
The Ben-Gurion University researchers, Mordechai Guri and Professor Yuval Elovici, recently
created Airhopper, an application that can read keystrokes from an isolated network machine,
also referred to as an air-gap environment.
Using a compromised cell phone and a connected set of ear buds acting as an antenna,
Airhopper was successful in using a cell phone’s built-in FM radio receiver to intercept radio
frequencies (RF) coming from a computer’s video display.
What does this mean? Essentially, it means that critical data can be stolen, in real-time, from a
machine that is completely offline.
Of course, there are limitations to Airhopper’s capabilities. For one, it has a short range of
transmission at only 7 meters; and it is also very slow, only capable of transmitting at 13-60
bytes per second. Despite its current range and speed confines, Airhopper and other
technologies warrant real concern from information security executives.
Critical and sensitive data, such as passwords and credentials, are now at 24/7 risk of
penetration, whether the devices they reside on are offline or on.
So if cyber threats no longer require an Internet connection to cause havoc, what can be done
to keep a company’s assets and infrastructure safe? How can companies ensure the personal
privacy of their employees, vendors and the thousands of daily visitors coming in and out of
their offices?
7 Cyber Warnings E-Magazine – December 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
