13 November 2018
Secure IoT 2018 will give participants the opportunity to:
learn about potential cybersecurity threats
gain an understanding IoT security best practice;
meet leading experts, organisations and companies offering security guidance, products, solutions and services
Amazon Web Services
Department of Culture, Media and Sport (DCMS)
Industrial Internet Consortium
IoT Security Foundation
Knowledge Transfer Network
Pen Test Partners
We are seeing an ever-increasing number and sophistication of cyber-attacks on systems and products that are using connected IoT devices. These attacks are being instigated by different types of actors including: criminals; states and state sponsored; issue-orientated hactivists (malicious insiders pose the greatest threat) and ‘script kiddies’.
The risk and damage in terms of reputation, costs, health & safety to an organisation or individual due to poor security practice can be considerable.
In May, the General Data Protection Regulation(EU) 2016/679 (GDPR)became enforceable. GDPR covers "security by design" in hardware and software. Data controllers are obliged to consider "data protection by design and by default". Organisations using insecure hardware could face action under GDPR should the firmware of IoT devices prove insecure and contribute to a spillage of personal data.
If you would like to learn more about IoT Security best practice then come along to Secure IoT 2018, Internet of Things Cybersecurity conference.
TIMELINE OF IoT HACKS & VULNERABILITIES
Avast's threat labs team has discovered a new malware strain (codenamed Torii) that is building “the most sophisticated botnet ever seen” and it is targeting IoT devices. In addition to sharing information regarding infected devices, the malware's communication with the Command and Control Server allows its authors to execute any code or deliver any payload to an infected device
Ship hack 'risks chaos in English Channel - A commonly used ship-tracking technology can be hacked to spoof the size and location of boats in order to trigger other vessels' collision alarms, a researcher has discovered
Radware Threat Research Center identified a hijacking campaign aimed at Brazilian Bank customers through their IoT devices, attempting to gain their bank credentials.
SEC Consult researchers issued a warning8 about critical vulnerabilities where 9 million Xiongmai cameras, DVRs are wide open to attack
Fitness tracker data reveal locations of military bases & personnel. Strava released a data visualisation map that showed all the activity tracked by users of its app, which allows people to record their exercise and share it with others. Users were able to identify locations including a suspected CIA base in Somalia, a Patriot missile defense system site in Yemen and US special operations bases in the Sahel region of Africa.
Scientists at the Ruhr-Universitaet in Bochum, Germany, have discovered a way to hide inaudible commands in audio files–commands that, while imperceptible to our ears, can take control over voice assistants like Alexa, Siri, or Cortana.
WannaCry ransomware infected over 200,000 devices infected in more than 150 Nations, this Impacted FedEx, Spanish telecoms and gas companies, French Renault car production factories, Russian interior ministry, and the U.K. National Health Service. This was the first, large scale cyber-attack that affected healthcare industry directly, by infecting tens of thousands of the NHS's hospitals' devices, including MIDs such as MRI.
US Food & Drug Administration issued a letter12 calling for the voluntary recall of some 465,000 Abbott (formerly St. Jude Medical) pacemakers to reduce the risk of patient harm due to potential exploitation of cybersecurity vulnerabilities.
Research by Trend Micro revealed 83,000 industrial robots are ‘exposed’ to the public-facing internet, of which thousands are not protected with authentication
Mirai malware - A massive Internet Distributed Denial of Service attack which caused outages for many Web sites in the US (including Twitter, Amazon, Spotify and Netflix) was launched with the help of hacked “Internet of Things” (IoT) devices, such as CCTV digital video recorders
A cyber-attack on Ukrainian electricity distribution companies15 caused a major power outage, with disruption to over 50 substations.
Fiat Chrysler had to recall 1.4 million cars in US16 after security researchers showed that one of its cars could be hacked. Hackers could send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop connected to the internet
A hack attack caused massive damage at a German Steel plant