FBI and the DHS (Finally) Weigh in on IoT
Friday, September 11, 2015 at 4:23PM
Cumulati in DHS, FBI, Government, Industrial Internet, IoT, Security

It's been a long time coming, IMO, but the NCCIC Computer Emergency Readiness Team has released a note "…capturing the urgency of an IC3 alert on Internet of Things devices…" 

An excerpt:

What are the IoT Risks?
Deficient security capabilities and difficulties for patching vulnerabilities in these devices, as well as a lack of consumer security awareness, provide cyber actors with opportunities to exploit these devices. Criminals can use these opportunities to remotely facilitate attacks on other systems, send malicious and spam e-mails, steal personal information, or interfere with physical safety. The main IoT risks include:

For anyone involved in this arena, this rates a round of polite applause, but also feels (to me) to be far too little, far too light and far too late.  The recommendations included in the document are sensible, practical and fall woefully short of providing guidance to the nature of IoT devices that are managed and administered remotely.   

Thanks to Bob Gourley, who blogged on this in: Time To Spread The Word on Internet of Things Dangers: Read what FBI and DHS Cyber Centers Need Us All To Know - CTOvision.com:

Article originally appeared on telematica (http://www.telematica.com/).
See website for complete article licensing information.