Preventing IoT Security Threats at the Firmware Level

Preventing IoT Security Threats at the Firmware Level

By Capital Markets CIO Outlook | Friday, November 30, 2018

IoT Security As tools used to prevent cyber attacks become more sophisticated, AI and Machine learning will focus more on attack-defense confrontation. AI technologies can be used to easily detect the security threats for a business. These threats in the healthcare industry are more significant, and there is a great improvement in patient care technologies. A recent innovation, Telepresence Robots, provide great opportunities for physicians to monitor and track the patients in rural areas.

Telepresence is nothing new to the healthcare industry; it has been a part of the patient care for the past ten years. However, it has faced several changes lately, due to the emergence of new vulnerabilities and threats. Zingbox, which a real-time IoT security solution which protects organizations from cyber attacks and threats, has conducted a study and it found several areas of security vulnerabilities on a widely adopted telepresence.

Check out: Top Cyber Security Companies

Firstly, the attackers intercepted the firmware updates for the robot by threatening the network. Then, the hackers have taken the files out from the telepresence file system after intercepting. Hackers could get access to the telepresence robot by inserting a USB device into the USB port of the robot and steal its Wi-Fi credentials. The malevolent code could be inserted into the robot and then broadcasted all over the network that the robot is attached with; and the hackers have stolen the videos, pictures, records of conversations, and doctors’ information.

Security measures to protect patients, visitors, or hospital are not sufficient. Therefore, it is easy for a non-authorized personal to reach and access the telepresence robot that is placed in the treatment area of a patient. To solving this threat, organizations using telepresence robots should tackle the physical part of the security of IoT device since anyone can use a USB device and then access the device from a remote location by taking Wi-Fi credentials of the machine. Regular testing of the equipment with “friendly hacks,” will enable organizations to easily search and fix the problem or issue that was found.

Weekly Brief