These devices can be cell-phone switching systems, power grid controllers and HVAC systems, and they can also be network-equipped television sets, video disc players and DVRs. And we haven’t gotten to the mobile devices that people carry around, such as iPods, smartphones and GPS receivers. At first glance, it’s hard to see how these network-attached devices could threaten your enterprise, but on further inspection, networked devices are perhaps the single greatest area of risk in security today.
I was reminded of the nature of this threat when I was at Best Buy a couple of weeks ago shopping for a new television set. What I hadn’t expected was the flood of new consumer electronics that have reached the market lately boasting network connectivity. Every major vendor of televisions featured 802.11n wireless connectivity on some models, and some had wired Ethernet as well. There were network-aware Blu-ray players in all price ranges. None, as far as I could tell, included any sort of security.
The only reason I can think of that these devices haven’t been used as malware vectors is that the criminals who create malware haven’t gotten around to it. But there will come a time when some devices reach a critical mass, and—because of the unique vulnerability of these devices—start serving up attacks against your network or someone else’s.
In some ways the threat posed by mobile devices is even worse since they have a more direct connection to the Internet.
This is the future that Intel sees, and it’s why the company bought McAfee.
As nice as it might be to have a profitable business selling AV software, it will be a lot nicer for Intel to have the in-house expertise to create hardware-based security for as many of those network-equipped devices as it can supply network interfaces for. Because these devices are already connected, all Intel and McAfee need to do is create an ecosystem of device updating and reporting that not only keeps the protection current but also reports on emerging threats, much as McAfee’s current computer security products do.
http://www.eweek.com/c/a/Security/Intel-McAfee-Merger-Plugs-Network-Security-Hole-696433/?kc=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+RSS%2Feweeksecurity+%28eWEEK+Security%29