banner1
banner2

HOME
MagazineCoverage

Vulnerabilities in IoT

by VARINDIA 2022-09-05
Vulnerabilities in IoT

An IoT device typically lacks the required built-in security to counter security threats. Common vulnerabilities and exposures allow cyber criminals to breach the device and use it as a foothold to launch sophisticated cyberattacks.

 

Vulnerability disclosures impacting extended internet of things devices has increased by 57% in the first half of 2022 compared to the previous six months, as per the research by Claroty.

 

The report also found that over the same time period, vendor self-disclosures increased by 69%, becoming more prolific reporters than independent research outfits for the first time, and fully or partially remediated firmware vulnerabilities increased by 79%, a notable improvement given the relative challenges in patching firmware versus software vulnerabilities.

 

The report is an examination and analysis of vulnerabilities impacting the Extended Internet of Things, a vast network of cyber-physical systems including operational technology and industrial control systems, Internet of Medical Things, building management systems, and enterprise IoT.

 

The top mitigation step is network segmentation (recommended in 45% of vulnerability disclosures), followed by secure remote access (38%) and ransomware, phishing, and spam protection (15%).

 

After decades of connecting things to the internet, cyber-physical systems are having a direct impact on our experiences in the real world, including the food we eat, the water we drink, the elevators we ride, and the medical care we receive,” say experts.

 

A report says 15% of vulnerabilities were found in IoT devices, a significant increase from 9% in Team82’s last report covering the second half of 2021. Additionally, for the first time, the combination of IoT and IoMT vulnerabilities (18.2%) exceeded IT vulnerabilities (16.5%). This indicates enhanced understanding on the part of vendors and researchers to secure these connected devices as they can be a gateway to deeper network penetration.

 

The Published firmware vulnerabilities were nearly on par with software vulnerabilities (46% and 48% respectively), a huge jump from the 2H 2021 report when there was almost a 2:1 disparity between software (62%) and firmware (37%).

 

The Claroty report claims that they had conducted this research to give decision makers within critical sectors a complete snapshot of the XIoT vulnerability landscape, empowering them to properly assess, prioritize, and address risks to the mission-critical systems underpinning public safety, patient health, smart grids and utilities, and more.

er

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
India and Thailand Strengthen Cooperation to Fight Cybercrime and Human Trafficking in Southeast Asia

India and Thailand Strengthen Cooperation to Fight Cybercrime and Human Trafficking in Southeast Asia

SonicWall sets new standard with next generation security solutions built for MSPs

SonicWall sets new standard with next generation security solutions built for MSPs

Seqrite announces SIA - an AI-powered virtual security analyst

Seqrite announces SIA - an AI-powered virtual security analyst

SOFTWARE
View All
HCLTech unveils AR-powered IT infrastructure solution in collaboration with CareAR

HCLTech unveils AR-powered IT infrastructure solution in collaboration with CareAR

GoDaddy Agency to help digital consultants grow

GoDaddy Agency to help digital consultants grow

ManageEngine includes AI-powered enhancements to its Unified PAM platform

ManageEngine includes AI-powered enhancements to its Unified PAM platform

START - UP
View All
Data Safeguard Secures Seed Funding from Auxano Capital

Data Safeguard Secures Seed Funding from Auxano Capital

Perkant Tech raises INR 6.6 crore Seed Round Led by YourNest Venture Capital & Govt. Initiatives

Perkant Tech raises INR 6.6 crore Seed Round Led by YourNest Venture Capital & Govt. Initiatives

Second Edition of Startup Mahakumbh

Second Edition of Startup Mahakumbh

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

wew
wrdf
Start-Up and Unicorn Ecosystem
Severe Commvault Command Center Flaw Allows Remote Code Execution

Severe Commvault Command Center Flaw Allows Remote Code Execution

AI Agents Are Reshaping the Corporate Org Chart

AI Agents Are Reshaping the Corporate Org Chart

STL and C-DOT successfully demonstrate India’s first Quantum Key Distribution with Multi-Core Fibre

STL and C-DOT successfully demonstrate India’s first Quantum Key Distribution with Multi-Core Fibre

Why is Meta Forced to Change its Content Policy?

Why is Meta Forced to Change its Content Policy?

AI, cloud expansion fuelling identity risks

AI, cloud expansion fuelling identity risks

AI’s Rapid Rise: Impressive Yet Not Without Limits

AI’s Rapid Rise: Impressive Yet Not Without Limits

Melania Trump-Backed Deepfake Bill receives “Take It Down” act

Melania Trump-Backed Deepfake Bill receives “Take It Down” act

Startups To Struggle to Compete with Google, xAI, and OpenAI in the AI Arms Race

Startups To Struggle to Compete with Google, xAI, and OpenAI in the AI Arms Race

SAP SuccessFactors to drive HR transformation for Jaquar Group

SAP SuccessFactors to drive HR transformation for Jaquar Group

Ascendion to drive experience transformation with acquisition of UXReactor

Ascendion to drive experience transformation with acquisition of UXReactor

dsf