According to Rik Ferguson, Vice President of Security Research at Trend Micro, the answer is “Yes!” Why? He says there are billions of dollars to be made in cybercrime, certain OS’s are simply made for hacking (ie., the open, fragmented Android), and on average, companies notice that they have been hacked 250 days after the criminals have walked through the network or software walls (Verizon Data Breach Investigation Report).
What does this mean for the M2M ecosystem – it needs to be much more intelligent and aware right from the design phase on through the building of products and networks about incorporating security in every step. Integrating cyber security expertise in product development was a key suggestion Ferguson emphasized during the interview with Limor Schafman of U2U Connect on RCR TV.
Other points discussed include:
• Android wins the dubious prize of being the most targeted OS for hackers. Trend Micro this week calculated there are over 740,000 unique outright malicious or high risk Android mobile apps (from Google Play and other third party app stores).
• The home is no longer the impenetrable castle. As the smartphone proliferates, there are many forms of cybercrime that can be committed. One is ransomware, where, for example, cybercriminals invade the SmartTV home system, pop up a screen when a viewer turns on the TV to watch a pay-per-view of a game, and prevent viewing until a ransom fee is paid.
• What to do with BYOD: Accept the inevitable that employees want one device, and yes, believe it or not Blackberry is the network of choice due to the hack-limitations feature-set built into their enterprise server system. iOS is also a more secure alternative.
• Keeping cell phones outside a meeting room is a good corporate security policy. Hackers are beginning to target specific candidates of people and companies. They can access a CEO’s calendar from a computer or mobile phone, know an important meeting is taking place, then hack into the phone and record the entire session.
• For companies that are creating their own, “third party” app stores for their employees or in general, implement security to prevent malware from infiltrating. Trend Micro has a back end system called Mobile App Reputation Service (MARS) that will ensure that all the apps are clean.
• Cyber security is now about building dungeons: breaches will happen and the best companies can do is find out quickly and make it extremely difficult for the data to be removed from the systems.
• The future of M2M promises great product and service capabilities and hacking opportunities. Ferguson draws interesting pictures of what our connected future will look like, the business opportunities, and how hackers may take advantage of that future as well.
• On September 25th, Trend Micro will release Project 20/20 which includes a nine part webseries based on the research report they will be publishing that day.
Ferguson covers these and other points in depth. Watch the full interview here.
