Securing these devices will be a challenge. Many of them have limited processing capability, and so are not capable of running conventional anti-malware solutions. Instead, security relies on users changing passwords and settings away from default settings, and ensuring the devices are not left open—in exactly the same way that people are recommended to protect their home wifi networks.
Larger-scale attacks such as the RAM scraping exploits against major retailers reinforces the need for organisations to maintain best security practices. This includes applying the latest updates and patches to close off vulnerabilities, and deploying layers of security to protect networks and data so that even if one layer is breached, the next can stop the attack. For example, organisations could isolate different network segments from each other using firewalls, to inhibit attacks from crossing networks, or use a service such as Check Point's ThreatCloud Emulation which can identify and isolate malicious files before they enter the network, so that infections do not occur.
Just as the "Internet of Things" is enabling a better-connected, more efficient world, it also gives criminals a better connected, more efficient network for launching attacks. Yes, we should be aware of suspect devices—which, it seems, is rapidly becoming all devices.
Steve McWhirter is Vice President, Asia Pacific, Middle East and Africa Sales, Check Point Software Technologies
Sign up for Computerworld eNewsletters.