Cyberattacks continue to proliferate in connected devices

The security challenge continues to grow in connected devices, or commonly referred to as Internet-of-things (IoT) devices. The hacking of a wide spectrum of smart devices such as smart fridges, and baby monitors to the infotainment system in your car are indicative of a security trauma being caused by the nature of these devices being online and vulnerable to attacks. As reported by Threatpost, the number of cyberattacks have more than doubled in the first half of 2021.

For the most part, the lack of security concerns in IoT has to do with the industry being in its ‘gold rush’ phase where in every marketplace vendors are rapidly pursuing to develop and distribute the next ‘big thing’ before competitors do, and customers not caring or understanding the security aspect. Under such a competitive business environment, functionality becomes the main focus and security takes a back seat.

As the Threatpost article points out, installing and updating the latest firmware and software regularly will ensure the safety and security of the devices. Once there is a vulnerability in a device or a fleet of devices, it can be fixed through patches with software updates and the most efficient way of doing that is with over-the-air (OTA) updates. Therefore, addressing IoT security threats when designing new connected products need to be at the focal point of device manufacturers and product development teams. Additionally, how to perform secure and reliable software updates are imperative to consider at the inception of product design and if implemented poorly can provide additional attack surfaces to already existing device vulnerabilities.

To design a secure and reliable software update process, a variety of attack vectors need to be taken into account and solutions needed to defend against these attacks. The software update framework must be designed to minimize hackers’ ability to breach the update process and harm devices by modifying and installing malicious software on them. To ensure security best practices, the underlying criterion lies in a framework that must consider the three pillars of trust: people, device and software. This is critical for delivering the capabilities and functionalities needed by developers, device manufacturer's and end users. Only by planning ahead with the right mindset and design philosophy can you ensure a secure remote software update strategy.

To learn more on security considerations for remote management of software in IoT devices download this whitepaper.

Recent articles

The top challenge for autonomous vehicles: What does adding AI to cars mean for OEMs?

The top challenge for autonomous vehicles: What does adding AI to cars mean for OEMs?

The critical question for the automotive industry is: how can you shorten the time to market and innovate faster in software and AVs to meet more demanding customer requirements?
What’s New in Mender 3.7: Introducing the C++ Client for portability

What’s New in Mender 3.7: Introducing the C++ Client for portability

Mender 3.7 is released, including all the features published on hosted Mender over the last few months as part of our continuous development and rolling release process.
How over-the-air (OTA) updates help emergency response teams

How over-the-air (OTA) updates help emergency response teams

Discover how over-the-air (OTA) updates revolutionize emergency response teams, ensuring secure and seamless device maintenance and functionality in critical situations.
View more articles

Learn more about Mender

Explore our Resource Center to discover more about how Mender empowers both you and your customers with secure and reliable over-the-air updates for IoT devices.