Menu

M2M FEATURE NEWS

Klocwork Urges Developers to Understand, Mitigate Security Vulnerabilities Before It's Too Late

By Rachel Ramsey March 04, 2014

Both the beauty and the downfall of the Internet of Things (IoT) is that the power is in the software; it controls our devices and the networks that provide connectivity and communications. Over the years, we’ve realized how important it is to write code that is resistant to malicious attack. In 2012, malicious software called Sykipot surfaced – traces had been found in cyberattacks since 2006, but this set a new standard; this was the first time Sykipot targeted smart cards used by government employees to access restricted servers and networks.

Before that, three Web domains associated with the home page of the U.S. Bureau of Engraving and Printing, which falls under the auspices of the Treasury Department, served up malicious software. Hackers added some iframe HTML code to the sites that in effect redirects visitors to a bogus site hosted in Ukraine. Once they land on that page, it launched a variety of Web-based attacks based on a commercially available attack kit called the Eleonore Exploit pack.

We’ve already seen these types of attacks in the modern era of the Internet of Things. Proofpoint recently uncovered an IoT-based cyberattack, which involved more than 750,000 malicious email communications coming from more than 100,000 consumer gadgets, such as home networking routers, multimedia centers, TVs and at least one refrigerator.

In a whitepaper, “Defend Against Injection-based Attacks,” Klocwork, a company that enables secure and reliable software, discussed the most common security vulnerabilities in the software development industry, how they present themselves to end users and developers and mitigation strategies to resolve each issue.  Klocwork provides tools that enable developers to identify potential security vulnerabilities and reliability issues before they’re submitted to the software build. Some of the biggest brands in automotive, consumer electronics, gaming, medical technologies, military and aerospace, mobile device and telecom sectors rely on Klocwork and its tools to create secure and reliable software.

Today, the most common security weaknesses are in software accessible from a desktop, tablet or mobile device. Web-based applications, network-enabled or controlled devices and wisely used mobile software are the most targeted applications. These weaknesses can usually be traced back to the developer not anticipating how software could be misused or made to perform actions it wasn’t designed to do.

There are many types of security vulnerabilities that exist in computer software today. Finding and removing these weaknesses as quickly as possible ensures that software running crucial functionality remains secure and protected.

Read the whitepaper on understanding and mitigating security vulnerabilities here, and then make sure you understand the three guidelines to protecting M2M systems.  




Edited by Cassandra Tucker
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Content Director

SHARE THIS ARTICLE
Related Articles

Beyond the Closet, Connecting to IoT

By: Gary Audin    11/11/2020

Two challenges arise when considering cable based IoT.

Read More

Banyan Security Enhances Secure Remote Access for Engineering Resources

By: Ken Briodagh    10/27/2020

Banyan's Continuous Authorization Can Grant or Revoke Access to Sensitive Engineering Environments and Applications in Real-time Based on TrustScore

Read More

Senet Eyes RAN Partnerships as Key to Delivering Network Services for Massive IoT

By: Arti Loftus    10/21/2020

To meet the challenges that come with providing network connectivity for IoT solutions, Senet is executing a strategy for massive IoT that will be bui…

Read More

mimik Selected by 5G Open Innovation Lab to Drive Early Adoption of 5G

By: Ken Briodagh    10/15/2020

mimik's patented Hybrid Edge Cloud platform will boost the performance and reduce the cost of 5G Networks

Read More

5G Sets New Standards for Vertical Industries' IoT Connectivity

By: Special Guest    10/13/2020

As 5G rolls out across the world, vertical industries across IoT are working on additional standards to make the technology suitable for their industr…

Read More