22.06.2020

Detect IoT Hazards: AV-TEST and eco Cooperate in Securing IoT Devices and Services

  • Today, the eco member AV-TEST has launched the platform AV-ATLAS IoT
  • The IoT monitoring offered by the cooperation partners will help manufacturers to improve IoT security
  • Joint eco Academy webinar on the IoT security situation on 29.06. (to be held in German)

From today forward, the AV-TEST Institute, in cooperation with the eco Association, will complement the extensive data spectrum of its AV-ATLAS Threat Intelligence with real-time monitoring data of IoT (Internet of Things) devices and services. The data gathering is based on four different HoneyPot systems, which cover the widest possible range of IoT systems that are currently in use. The new analysis system not only provides information about the origin and timing of IoT attacks; it also reports on the IP addresses used in outbound attacks, the login data used, the commands executed during attack attempts, and any uploaded files. Supplemented by the AV-TEST Institute’s tried-and-tested analysis systems, the new system also identifies the malware used in attacks.

“With AV-ATLAS’s IoT monitoring, eco and AV-Test are offering both manufacturers and users the possibility to get a clear picture of the most up-to-date IoT security situation. We also want to support manufacturers with our data to ensure the necessary basic security and to optimise devices and services accordingly”, says Maik Morgenstern, Managing Director and Technical Director of the AV-TEST Institute. Markus Schaffrin, security expert and Head of Member Services in the eco Association adds: “Intelligent digital products and services connect people and machines worldwide via the Internet. Whether it’s to do with Smart Home, Smart City or Smart Factory, for eco it’s important that opportunities and risks are highlighted. Together with AV-Test, we will regularly inform IoT manufacturers and users about hazards so that they can prepare for and defend themselves against them.”

Many IoT devices poorly protected against hacker attacks

Estimates forecast that, in the coming year, there will be well over 30 billion active IoT devices. These include not only cameras, robot vacuums, smart lighting, and many other things in daily life that are increasingly being connected, but also the rapidly growing market for smart home products for end users. What’s more, when it comes to the manufacturing and industrial environment, operational efficiency, production cost reduction, and the development of new business models mean that there’s no stopping connectivity within the Industrial Internet of Things (IIoT).

But it is not only the connection of products, processes and business fields that is developing rapidly. In parallel, the number of attacks on the fragile new digital infrastructure is also growing. For cyber criminals, the rapidly growing number of often (at best) poorly protected devices and services offers an easy and welcome target for attack. The low security level of many IoT and IIoT offerings is often due to their hasty market introduction and the resulting neglect of basic security principles and necessary tests. This development has not escaped the attention of cyber criminals and offers them an increasingly interesting field of activity. Due to the massively growing number of IoT devices and services lacking in effective basic protection, the mass of exploitable security vulnerabilities and the available automated malware, criminals have a wide range of options, from the sabotage of production and business processes, to digital blackmail and data theft, to the massive exploitation of the computing power of hijacked connected devices for extensive online attacks or the misuse of resources to calculate crypto currency.

eco and AV-Test Webinar: Increasing IoT security

As of today, IoT users and manufacturers can use the basic version of AV-ATLAS’s IoT monitoring free of charge at www.av-atlas.org. As part of the introduction of the new monitoring function, the eco Association, together with AV-TEST Institute, is also inviting participants to the German-language webinar “IoT Security with AV-ATLAS: Only Secure is Really Smart”. In addition to an introduction to the functions of the IoT Monitoring, the webinar also offers an opportunity for a further exchange. The webinar will start on the online platform of the eco Academy www.eco.de/akademie/webinare/ at 10 a.m. on 29.06.2020.

 

Internet of Things