LinuxLink Login   |   1.866.392.4897 |   sales@timesys.com    |  Contact Us          

The US Federal Bureau of Investigation has issued a warning about Internet of Things device security issues, the latest in a continuing string of IoT attack and security vulnerability warnings from the US’s top law enforcement agency.

Attackers are using compromised IoT devices as proxies to mask various illicit activities, the FBI said, citing spamming, click-fraud, illegal trade, botnets for hire, and other crimes being committed using IoT devices.

The Bureau said IoT device vulnerabilities are being exploited by these attackers, naming routers, media streaming devices, Raspberry Pis, IP cameras, network attached storage (NAS) devices as among the types of products covered by the warning.

“Cyber actors typically compromise devices with weak authentication, unpatched firmware or other software vulnerabilities or employ brute force attacks on devices with default usernames and passwords.”

The FBI’s warning highlights some end-user actions that can mitigate the risk of IoT device compromise. They include rebooting devices regularly, changing default passwords, ensuring devices are updated and that security patches are applied and isolating IoT devices from other network connections.

While mainly end-user focused, the FBI’s defense and mitigation recommendations also point to requirements that device developers and manufacturers should consider as they bring IoT products to market for end-users.

Such requirements can include:

Of course, every product destined for an IoT deployment should also be subjected to security testing, vulnerability assessment, and composition analysis to generate a Bill of Materials to inventory open source components.

Our Threat Resistance Security Technology (TRST) Solutions can help you to design more secure products and confirm your device’s security posture with security auditing.

Our TRST offering also enables you to maintain product security throughout the product lifecycle, including aiding your end-customers with mitigating security issues and risks such as those identified by the FBI.

Contact us today to learn more about how we can help ensure your product has a strong and effective security posture.

Adam Boone is VP of Marketing at Timesys. Over two decades, Adam has launched more than 50 solutions in networking, cybersecurity, enterprise applications, telecom and other technology areas. He completed his MBA in Business Strategy at Arizona State and the Marketing Strategy Program at Penn’s Wharton School.

About Timesys

Timesys has extensive experience with embedded system development and lifecycle management. Timesys has been instrumental in working with global leader semiconductor manufacturers with smart, quick and quality solutions for highly complex systems with accelerated product innovation and multiple product variants.