Threat of the month: Compromised embedded systems

Share this article:
What is it?
Embedded systems are small computing or logic devices that can connect to the internet. These are often deployed without network perimeter protection, such as a firewall. These devices are seldom patched, leaving them vulnerable to remote and local exploits.

How does it work?
The embedded systems are deployed with default configurations, so attackers can easily login and change critical systems, potentially causing real-world damage.

Should I be worried?
Embedded systems are usually treated with less security focus than workstations or servers, which is a huge mistake.

How can I prevent it?
I recommend placing devices behind network perimeter devices when possible. Default usernames and authentication credentials should also be changed. Another preventative measure is ensuring all embedded devices have up-to-date firmware/software.
Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in Features

Sign up to our newsletters

More in Features

Case study: Big LAN on campus

Case study: Big LAN on campus

A university rolled out a wireless network, but was hampered with a user-support problem...until a solution was found. Greg Masters reports.

2014 Women in IT Security: Stacey Halota

2014 Women in IT Security: Stacey Halota

When she stepped into the job of vice president of information security and privacy at Graham Holdings Company in 2003, Stacey Halota had to carve out new territory because her ...

What's sex got to do with it?

What's sex got to do with it?

Harassment has no place in the security industry. Neither do sexism or discrimination. But, there they are. It's time for infosec to just say no, reports Teri Robinson.