. home.aspx


IoT Security: A White Hat Hacker Clarifies a Fuzzy Subject

August 22, 2019 / BRIAN BUNTZ

Internet of Things device can be elusive. That is a fact Deral Heiland, who is the IoT research lead at Rapid7, knows well. For one thing, such devices tend to pop up in myriad environments — inside and outside offices and industrial facilities. “Shadow devices are very common,” he said. “These are the devices that sneak into the network or a technology that changes through time.” That is, devices that once had limited capabilities, like printers, refrigerators, thermostats, cars or industrial machines, can be become computers in their own right.  Despite the at times maddening the subject IoT security has received in recent years, many individuals don’t give the matter much thought. “These are devices everyone’s using. They see them, but they often forget that they’re attached to the network.”Another contributor to the murkiness surrounding the subject is the term “IoT” itself. Heiland for one is not the biggest fan of the phrase. It’s an example of a marketing term vendors dream up to sell their technology, he said. “I don’t like the term ‘IoT’ because I think it’s misleading. When I talk to an enterprise organization, if I ask: ‘Do you have IoT?’ They may say ‘no,’ because they might think it refers to some home consumer toy. “They don’t understand that IoT is way beyond that.”