80 percent of cyber attacks are directed against wireless devices. The new extended EU RED directive enforces higher standards for IoT security from 2024.
The Internet of Things, ie all wireless intelligent devices in particular, represents one of the greatest risks in information technology. With new security requirements, the EU Commission is now significantly increasing the pressure on manufacturers, integrators and retailers of IoT devices - to protect companies and consumers .
New EU directive ensures more security
The new extension to the so-called RED (Radio Equipment Directive 2014/53 / EU) is to come into force EU-wide from 2024 and apply to all devices approved for sale in the EU. “We very much welcome the EU initiative. During tests in our laboratory, we often find serious weaknesses in almost all wireless devices. The spectrum ranges from routers to tablets, IP cameras, smart speakers, baby monitors and smart devices in company networks. Hackers can often use these devices to gain easy access to the local network, sensitive data and servers, ”says Jan Wendenburg, CEO of the IT security company IoT Inspector.
In addition to their own test laboratory, the security experts also operate the largest European platform for the automated checking of the firmware of IoT devices. This automatically and reliably detects security risks and compliance violations. According to Wendenburg, however, the inadequate specification of the directive is problematic. This makes implementation more difficult for manufacturers - although it should soon become binding for all manufacturers.
Hundreds of thousands of vulnerabilities are already in circulation
“Routers and numerous IoT devices are in use in corporate networks for up to ten years, in private households often even longer. The previous lack of obligation to ensure more security via firmware updates is an incalculable risk, ”says Jan Wendenburg from IoT Inspector. Just recently, IoT Inspector discovered serious security gaps in components from Realtek and Broadcom, which could spread to hundreds of thousands of devices from up to 65 well-known manufacturers due to a lack of transparency in the supply chain and product development. Among other things, routers, IP cameras, smart lighting controls and numerous other devices that are used in companies and households around the world are affected.
A security check must therefore take place during product development in order to identify and remedy potential weak points before the product is launched. With the IoT Inspector platform, product manufacturers and product integrators have a proven solution for automated security checks at their disposal, with which IoT firmware can be automatically monitored during the entire product life cycle. Integration into product development almost automatically reduces costs, resources, development time and project risks.
80 percent of cyber attacks target wireless devices
The EU Commission has shown that 80 percent of cyber attacks are already targeting wireless devices, making them a popular gateway for further damage in networks. Cyber threats are evolving rapidly, the attacker's technologies are becoming increasingly complex and adapting to the circumstances better and better.
“Cybercrime has long since developed from the work of a few less organized hackers into a veritable business model for criminal organizations. It is difficult to estimate how the risk situation will develop in the coming months, ”warns Jan Wendenburg. In the new management report on IT security, the Federal Office for Information Security (BSI) assesses the current situation as "tense to critical", and in some cases the red alert is already in place. The increase over the past two years has been disproportionately high. It is therefore essential to be in a hurry to enable effective monitoring bodies such as testing and certification organizations to take corrective measures to increase IoT security on the basis of real results and analyzes.
More at IoT-Inspector.com
Via IoT Inspector
IoT Inspector is the leading European IoT security analysis platform and enables an automated firmware check of IoT devices for critical security gaps with just a few clicks of the mouse. The integrated compliance checker also detects violations of international compliance guidelines. Weak points for external attacks and security risks are identified in the shortest possible time and can be resolved in a targeted manner. The solution, which is easy to use via a web interface, reveals unknown security risks for manufacturers and distributors of IoT technology.