Industry News

Whizz Kids, Old Hands at RSA 2015 Examine the (In)Secure Future of the Internet of Everything

Tech enthusiasts, whizz kids and security veterans gathered in San Francisco last week for the annual RSA conference security event to discuss failures, successes and challenges of internet security. In case you missed the news, here’s a short overview of some of the memorable demos and ideas of this year’s event:

  • Billy Rios, founder of security firm Laconicly, exploited a two-year-old vulnerability in a Vera smart-home automation device, which offered him total access to the device’s network and all computers attached to it.
  • “Contactless payment systems are not fraud proof,” said Matthew Ngu, engineering manager with RSA, in a talk about payment systems. “But they are more secure than [magnetic] stripe-based systems,” he added.
  • Attackers leave cheap, malicious devices lying around and hope someone plugs them in – said Ed Skoudis, SANS instructor and founder of Counter Hack. He referred to this trend as “disposable hacking technology.”
  • Despite the rush to the cloud, certificate authentication is still the Achilles’ heel of the industry, according to Scott Charney, corporate vice president of Trustworthy Computing at Microsoft.
  • FireEye researchers Yulong Zhang and Tao Wei showed how malware can bypass fingerprint authentication used to unlock Samsung Galaxy S5
  • Researchers from Skycure demonstrated an attack that affects iPhones and other iOS devices. Taking advantage of new and known vulnerabilities, attackers showed how to lock iPhones into a never-ending reboot cycle, effectively rendering them useless.
  • Ransomware could spread beyond just PCs as the Internet of Things becomes more pervasive, concluded Adi Shamir, a member of the Weizmann Institute in Israel and of the RSA.

On the sidelines, it seems everyone was whispering about data — the challenges of collecting it, analyzing it and securing the colossal amounts of it provided by IoT devices. And, to outline the challenge facing both security experts and common users, IDC, the global market intelligence company, predicted 90% of all ‪IT networks will suffer an ‪‎IoT security breach in the next few years.

About the author

Alexandra GHEORGHE

Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs. She has since wielded her background in PR and marketing communications to translate binary code to colorful stories that have been known to wear out readers' mouse scrolls. Alexandra is also a social media enthusiast who 'likes' only what she likes and LOLs only when she laughs out loud.