SophosLabs malware forecast points to rising IoT threats, more ransomware

sophoslabsSophosLabs has released a malware forecast to coincide with the start of RSA Conference 2017.

Typically, our research papers focus on Windows, which has traditionally been the largest battleground. While some of the report does indeed look at Microsoft-specific challenges, we decided to focus more on the increasing malware threats directed at platforms where the risks are often not as well understood, specifically Linux, MacOS and Android devices.
Continue reading

What’s next for the Internet of Things?

We’ve all heard of the Internet of Things, or IoT.

What we aren’t yet quite sure of, however, is what actually qualifies as an Internet Thing.

Granted, it will have some kind of computer chip inside it, and you can hook it up to a computer network rather than just running it isolation.

For example, you get home thermostats that are considered IoT things, and baby monitors, and smart TVs, and webcams.

To that you can add light bulbs, doorbells and even kettles (no, we don’t know why, either)…

…as well as cars, trucks and heck, by some accounts, perhaps even power stations.

So there doesn’t seem to be any limit on the size, or price, or form, or function, of a “thing.”

Continue reading

Sophos expert James Lyne talks mobile and Internet of Things security at #MWC16 (VIDEO)

Sophos security expert James Lyne spoke during a keynote session on the Internet of Things at this year’s edition of Mobile World Congress, sharing a sampling of his research on the startling security immaturity of IoT devices.

Although James says he’s a big proponent of the IoT, of mobile applications, and the possibilities these technologies bring, his research shows how a number of them fail even the most basic security tests.

According to James, many of today’s IoT devices make it too easy for malicious hackers. James has seen massive security failures such as devices with hardcoded passwords, some exposed to vulnerabilities that should have been patched long ago, and others communicating across the open Internet unencrypted.

You can watch James’s brief but entertaining talk in the video embedded below. He explains his discoveries and shares his insights into how and why IoT and mobile security went so wrong, and what we can do to get it right.

Continue reading

Sophos at Mobile World Congress: Securing the Internet of Things

Mobile World CongressThe Internet of Things (or IoT for short) is rapidly expanding to include an unprecedented number of connected devices. All the smart things coming online need to be secured, but sadly, security seems to be low on the list of priorities for IoT manufacturers and developers.

There’s a very broad array of consumer and industrial applications for the IoT: wearables, TVsthermostats, lighting, security camerasdrug infusion pumps, electricity meters, toys, cars, and much more. What can be done to make sure our devices are safe from snoops and hackers?

James Lyne, Sophos global head of security research, addresses this important issue during a keynote session at Mobile World Congress, taking place the week of 22-25 February.

Continue reading

What is… the Internet of Things?

The phrase Internet of Things, or IoT for short, turns up all over the place these days.

But what is the thing of which the IoT is made?

Is it a specific sort of technology, like a low-powered computer chipset? A special sort of computer, such as one without a screen and keyboard? Is is an online trend, like Snapchat?

The answer, for better or for worse, is all of these, and a lot more besides.

Loosely speaking, the IoT refers to a whole class of day-to-day objects – things, if you like – that are now being offered with built-in network connectivity.

Continue reading