IoT Security Update: October 2019
SecureRF Launches New DOME Device Ownership Management and Enrollment Solution
On October 8, SecureRF launched DOME a comprehensive device onboarding and ownership management platform that provides processor-level security, authentication, and data management for devices at the edge of the IoT. DOME supports scalable security functions like in-field ownership transfers and secure firmware updates, reducing the cost and complexity of IoT device management. The company was at Arm TechCon in San Jose to demonstrate the power of DOME in demonstrations of the new solution on a low resource ARM Cortex processor as well as the newly announced Renesas RA series.
To learn more about DOME visit veridify.com/dome/.
SecureRF at ST Developer’s Conference
The SecureRF team demonstrated our fast, future-proof authentication methods and talked with visitors interested in security for their ST-based products at this year’s ST Developer Conference held on September 12th at the Santa Clara Convention Center. The event brought together experts in the IoT, Smart Driving, Smart Home, City and Industry markets to offer their perspectives on how these technologies will affect the future of product development.
The SecureRF demonstration highlighted best practices for securing IoT endpoints and showed how SecureRF’s Walnut Digital Signature Algorithm™ rapidly verifies the integrity and source authentication of digital data; up to 18x faster than ECDSA on STM32F7x0. The company also showed how their Ironwood Key Agreement Protocol™ enables two parties to generate a shared secret over an open channel without any prior communication up to 46x faster than ECDH on STM32F7x0. To learn more about best practices for securing IoT end points like ST-based products, click here.
Recent articles shared below indicate that security professionals and consumers are increasingly aware of the dangers of the lack of security in many IoT devices. News coverage indicates the seriousness of these threats and how they should not be ignored.
Over 100 Million IoT Attacks Detected in 1H 2019
Infosecurity Magazine reports the security vendor Kaspersky recently detected over 100 million attacks on IoT endpoints in the first half of 2019 alone. The article highlights the continued threat to unsecured connected IoT devices. Read more here.
Smart Doesn’t Mean Secure: Four Myths that Leave Enterprises Vulnerable
Forbes Magazine reports that connected IoT devices are estimated to reach 25 billion by 2021. The report outlines how connected devices aren’t just a consumer problem and are widespread in enterprises, manufacturing facilities and hospitals. The article outlines four myths about IoT security for enterprises to consider as they plan security for their IoT endpoints. Read the four myths here.
Samsung, Huawei, LG, and Sony phones vulnerable to rogue ‘provisioning’ messages
ZDNet reports that nearly half of all Android devices were vulnerable to fake provisioning messages delivered via SMS which tricked users into thinking the message was from the mobile operator and encouraged users to change their device setting. With the changed setting, hackers had access to email or device web traffic. ZDNet reported that three of the four vendors were in the process of patching this attack however the discovery of this flaw and its scale highlights the risk of devices that aren’t configured with a proper authentication to correctly distinguish messages from the mobile operator vs messages from a hacker. Read more here.
Telnet backdoor vulnerabilities impact over a million IoT radio devices
A recent ZDNet article details the massive scale of critical vulnerabilities discovered in IoT radio devices that permitted attackers to remotely hijack the systems and granted them root access with full privileges. The article acknowledges that while the security of the radio IoT devices themselves may not be an enormous threat, it is an example of the danger of the enslavement of IoT device to create larger threats. Read more.
ON Semi IoT Tech US Tour – Seattle and Santa Clara, November 5 and 7:
Join the SecureRF team at the upcoming ON Semi US IoT seminars focused on Innovations in Smart Homes and Buildings. The day long agenda includes technical demonstrations, educational content and networking sessions. To join an event, register here.
ST Technology Tour, November 5, Boston:
Join SecureRF at the ST Technology Tour in Boston on November 5th. Experts will be speaking on a variety of technologies and markets poised for rapid growth in the coming years. At the event, you can expand your knowledge and network with your peers while experiencing new technology demonstrations. SecureRF personnel will be on hand to demonstrate the faster performance of SecureRF’s methods compared to ECDSA/ECDH on an STM32F7x0 Value Line processor.
Contact us to arrange to meet with the SecureRF team at the Boston ST Technology Tour.
SPS 2019 – November 25-28, Nuremberg, Germany:
SecureRF CEO Louis Parks will join Intel at the upcoming SPS Drives to demonstrate the power and scalability of our Bump in the Wire and DOME™ Device Ownership Management and Enrollment platforms. Contact us to meet with the SecureRF team at SPS 2019.
RISC-V Summit – December 10-12, San Jose, CA.:
Join the SecureRF team at the RISC-V Summit in San Jose, December 10-12 in San Jose. Our team will demonstrate the power and scalability of our new DOME™ Device Ownership Management and Enrollment solution on a low resource RISC-V processor. In addition, we’ll join with Microchip to demonstrate our fast, small, quantum resistant methods on a PolarFire SoC emulation platform. Contact us to arrange to meet at the RISC-V Summit.