Open Source Insight: IoT, Medical Devices, Connected Cars All Vulnerable to Hackers
Download as PPTX, PDF1 like429 views
This document discusses the vulnerabilities of IoT devices, medical devices like pacemakers, and connected cars to cyberattacks, highlighting the growing threat of ransomware and other cyber crimes. It emphasizes the importance of managing security risks associated with the increasing use of open source technology in various applications. The document also notes that a significant percentage of applications contain known vulnerabilities, particularly in medical devices, raising concerns about their future security.
Open Source Insight: IoT, Medical Devices, Connected Cars All Vulnerable to Hackers
- 1. Open Source Insight: IoT, Medical Devices, Connected Cars All Vulnerable to Hackers By Fred Bals, Senior Content Writer & Editor
- 2. The Internet of Things, pacemakers, and driverless/semi-autonomous vehicles were all in cybersecurity news this week. And if that doesn’t get your pulse a- racing, take a gander at threat vectors such as electronic bank robberies, digitally enabled high-seas piracy and cyberattacks against electrical grids (all real crimes, I kid you not). Cybersecurity News This Week
- 3. Cybersecurity News This Week In other news, Google released the latest stable version of Chrome this Monday, which includes patches for 30 vulnerabilities, including five high severity issues (which incidentally earned four-figure bounties for their reporters). More open source security and cybersecurity news follows…
- 4. • Open Source Security and the Internet of Things • Are Medical Devices the Next Ransomware Target? • Cybersecurity Is Dead • As Open-Source Adoption Skyrockets in Enterprise, Linux Addresses Ease of Use • Electronic Setups of Driverless Cars Vulnerable to Hackers • Why Car Companies Are Hiring Computer Security Experts • Six Entrepreneurs, One Question: 'Talk About Your Best Moment as a Manager' • Encryption Technology in Your Code Impacts Export Requirements Open Source News
- 5. Open Source Security and the Internet of Things via IoT Now: As open source use continues to increase, effective management of open source security risk is increasingly important. But in the rush to bring IoT devices to market, manufacturers are often giving insufficient attention to the additional security exposures created when systems become increasingly connected.
- 6. via Cloud + Enterprise Technology: Given that open source is at the core of commercial application development, it should be no surprise that almost all — 96 percent — of the applications scanned in the COSRI analysis utilised open source, with the respective applications having nearly 150 unique open source components on average. What may come as a surprise was that 67 percent of the applications containing open source also had known vulnerabilities, and legal risks were even more widespread. The Need to Manage Open Source Vulnerabilities and Licence Risks
- 7. via Black Duck blog (Mike Pittenger): All four pacemakers examined contained open source components with vulnerabilities, and roughly 50% of all components included vulnerabilities. Most shockingly, the pacemakers had an average of 50 vulnerabilities per vulnerable component and over 2,000 vulnerabilities per vendor. Are Medical Devices the Next Ransomware Target?
- 8. Cybersecurity Is Dead via Forbes: Unsurprisingly, ransomware is exploding in popularity, as the low-cost, easily usable malware proves continually effective at extracting money. But there are grander threat vectors looming: crimes such as electronic bank robberies, digitally enabled high-seas piracy and cyberattacks against electrical grids are not science fiction premises; rather, they are real crimes that will only grow more common.
- 9. via siliconANGLE: Open source technology is not just a tool for developers anymore. Two 2016 surveys highlight the prevalence of open-source adoption for businesses of all sizes. Both surveys indicate that around 90 percent of respondents — comprised of enterprise, mid- market and small businesses — have all entered into the open-source ecosystem. As Open-Source Adoption Skyrockets in Enterprise, Linux Addresses Ease of Use
- 10. Electronic Setups of Driverless Cars Vulnerable to Hackers via NY Times: In 2014, for example, some curious Tesla Model S owners did some tinkering and claimed to have discovered a customized version of a type of Linux software called Ubuntu. Ubuntu 10.10 was first released in October 2010 and has not been supported since December 2014. “In effect, that means the operating system in your car was deprecated before you bought it,” Mr. Rogers said.
- 11. via NY Times: But as more driverless and semiautonomous cars hit the open roads, they will become a more worthy target. Security experts warn that driverless cars present a far more complex, intriguing and vulnerable “attack surface” for hackers. Each new “connected” car feature introduces greater complexity, and with complexity inevitably comes vulnerability. Why Car Companies Are Hiring Computer Security Experts
- 12. Six Entrepreneurs, One Question: 'Talk About Your Best Moment as a Manager' via BostInno: From Lou Shipley, CEO, of Black Duck Software, “It was so cool to start something from scratch and see it grow. But it’s bittersweet as well. That’s when it’s time to go create something else.”
- 13. via Black Duck blog (Phil Odence): US export laws require companies to declare what encryption technology is used in any software to be exported. The use of open source makes complying with these regulations a tricky process. Encryption Technology in Your Code Impacts Export Requirements
- 14. Subscribe Stay up to date on open source security and cybersecurity – subscribe to our blog today.