Security News
A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. "Once the vulnerable devices are compromised, they will be fully controlled by attackers and become a part of the botnet," Unit 42 researchers said.
ASCON is the name of the group of lightweight authenticated encryption and hashing algorithms that the U.S. National Institute of Standards and Technology has chosen to secure the data generated by Internet of Things devices: implanted medical devices, keyless entry fobs, "Smart home" devices, etc. Why are the ASCON encryption algorithms a good choice for IoT devices?
The US National Institute of Standards and Technology wants to protect all devices great and small, and is getting closer to settling on next-gen cryptographic algorithms suitable for systems at both ends of that spectrum - the very great and the very small. The lightweight cryptography algorithms for IoT need to be powerful enough to offer high security and efficient enough to do so with limited electronic resources.
The National Institute of Standards and Technology announced that ASCON is the winning bid for the "Lightweight cryptography" program to find the best algorithm to protect small IoT devices with limited hardware resources. The weak chips inside these devices call for an algorithm that can deliver robust encryption at very little computational power.
The U.S. National Institute of Standards and Technology has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. "The chosen algorithms are designed to protect information created and transmitted by the Internet of Things, including its myriad tiny sensors and actuators," NIST said.
Tensions between two of the biggest producers of connected devices are coming to a head, and will be changing the IoT landscape in 2023. In recent months, India and China have faced off over their disputed border in the Himalayas.
According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months. What's more, 95% of the attacks leveraging the security shortcoming that emanated from Russia singled out organizations in Australia.
IoT hardware is at the heart of much modern operational technology, the systems that support businesses, the systems that mix modern IoT hardware with legacy control and data collection devices. So how can we protect our devices, networks and businesses, especially when we already have a large estate of deployed hardware? Microsoft's Defender for IoT is one option, adding network sensors and firmware analysis tools to help spot compromised and at-risk hardware and working in conjunction with Microsoft Sentinel to use machine learning to identify threats early.
IoT remains the biggest hurdle in achieving an effective zero-trust security posture across an organization. In this Help Net Security video, Denny LeCompte, CEO at Portnox, discusses how IoT has been difficult to profile accurately and why zero trust strategies fail when applied to IoT. More about.
With the rapid expansion of Internet-connected devices, both consumer and industrial, the cyber-threat landscape is growing faster than individuals' ability to keep up. Comcast's biennial take on consumer cyber health, the 2022 Xfinity Cyber Health Report, found that there are an average of 15 connected devices per household, up 25% from 2020 - with "Power users" having as many as 34.