With 20 years of PC hacking history and horror stories to draw on, you might think that the manufacturers of these new classes of 'magic devices' would be building in a lot of security from the start. They're not
San Francisco, CA (PRWEB) March 23, 2010
A research report released today by Mocana found that business and government stakeholders in the United States are largely unprepared to handle the infrastructure crashes, hacker penetrations and property and identity thefts resulting from a flood of new, unsecured non-PC devices connecting to the Internet in recent months. Furthermore, the report concludes that the embedded security and cryptographic skill sets required to address the emerging problems are in critically short supply. For a copy of the research, visit http://www.mocana.com/spring10dir
The report shows that in just the past three years, non-PC devices have quietly overtaken workstations as the dominant form of computing on the Internet. Connected non-PC devices already outnumber PCs by at least 5 to 1, and the ratio is growing fast. These new connected devices - smartphones, medical equipment, home appliances, smart grid meters, even cars (to name just a few) - are providing hackers with new, attractive and usually totally unsecured targets that can execute, host and transmit malicious code to the rest of the network. The report projects that as this trend accelerates and unsecured gadgets of every imaginable type pile onto the Web, consequences --both to individuals and society at large--will grow substantially. Experts from organizations like Goldman Sachs and Embedded.com quoted in the report say the situation will get worse before it gets better, with significant negative impacts to business and national security.
"With 20 years of PC hacking history and horror stories to draw on, you might think that the manufacturers of these new classes of 'magic devices' would be building in a lot of security from the start. They're not," said Adrian Turner, CEO of Mocana. "Some of the most sophisticated and virulent attack vectors we've even seen are being directed not at PCs, but at these devices - and most of these gadgets have little in the way of meaningful security or defenses."
Why is this happening? The new report cites evidence to suggest that in the scramble to get Internet-enabled gadgets into stores, manufacturers may be "rushing" web-enabled devices to market without adequate security measures on board. And in those environments where manufacturers do recognize the threat, they run up against a critical talent shortage: data from the report makes it plain that American universities and training programs simply aren't producing enough applied cryptography and network security professionals to meet the need.
The Mocana report does identify some silver linings. First, jobs, something in short supply everywhere else, are easy to find in this sector. The research shows that information and device security jobs tend to be more stable and better compensated than those in the rest of the information technology industry. Second, industry analysts have identified potentially lucrative opportunities for investors and companies focused on mitigating this problem, even in a generally challenging economic environment. The report cites examples of several industry players making strategic moves to leverage the situation.
Mocana secures the "Internet of Things" - the 20 billion datacom, smartgrid, federal, consumer, industrial and medical devices that connect across every sector of our economy. These devices already outnumber PC's on the Internet by five to one, representing a $900 billion market that's growing twice as fast as the PC market. Every day, millions of people use products sold by over 100 companies that leverage Mocana's Device Integrity software, including Dell, Cisco, Honeywell, General Electric, General Dynamics, Avaya, Nortel Networks, Harris and Radvision, among others. Mocana won Frost & Sullivan's Technology Innovation of the Year award for 2008 for Device Security, and was named to the Red Herring Global 100 as one of the "top 100 privately-held technology companies in the world" in January 2009.