Are your “smart” devices safe?Josh Corman on security vulnerabilities in the Internet of Things

In this excerpt from an interview in HPE Business Insights, security expert Josh Corman outlines some of the security issues raised by the growing reliance on the Internet of Things. Corman is the co-founder of the cyber safety organization “I Am The Cavalry.”

“Software permeates everything we do.”

3

—Josh Corman

“Software permeates everything we do.As connectivity seeps into every aspect of our lives, the line between personal and business devices becomes ever blurrier.”

4

—Josh Corman

“Software permeates everything we do.As connectivity seeps into every aspect of our lives, the line between personal and business devices becomes ever blurrier. No organization is immune from the threat of a breach via an Internet of Things (IoT) connected device.”

5

—Josh Corman

6

“It’s not beyond the realm of possibility for your organization to be hacked through the office coffeemaker…

7

…or a wearable fitness device, thanks to a lack of thorough software security.”

Imagine how much this expands the attack surface.

8

We’re used to thinking about security vulnerabilities here…

9

…but what about here?

10

…here?

11

12

…or here?

Are hackers already interested in exploring these new vulnerabilities?

13

You bet!

Researchers are finding that a multitude of vulnerable, exposed, unpatchable IoTsystems are already showing signs of exploitation, according to Corman.

14

And not just that Jeep hack you heard about where the guys took over the car remotely and eventually ran it off the road.

http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

15

Talk about expanded attack surface!

16

“New high-end cars are among the most sophisticated machines on the planet, containing 100 million or more lines of code.”

17Source: Complex Car Software Becomes the Weak Spot Under the Hood

By DAVID GELLES, HIROKO TABUCHI and MATTHEW DOLANSEPT. 26, 2015

“New high-end cars are among the most sophisticated machines on the planet, containing 100 million or more lines of code.

Compare that with about 60 million lines of code in all of Facebook or 50 million in the Large Hadron Collider.”

18Source: Complex Car Software Becomes the Weak Spot Under the Hood

By DAVID GELLES, HIROKO TABUCHI and MATTHEW DOLANSEPT. 26, 2015

Whose responsibility is it to secure all this complexity?

For example, do you believe the auto manufacturers will be able to take care of securing all that code all across their software supply chain?

20

21

https://www.hpe.com/h30683/us/en/strategic-business-insights/c/enterprise-security/innovation/josh-corman-leads-the-drive-to-make--smart--devices-secure.html

To find out more about Josh Corman’sadvice on how your company can approach these issues, read the complete interview in HPE Business Insights.

…or watch the 6-minute video“Internet of things and the hackable human.”

22

Thank you