[IoT devices are threatened to be the hardest hit by network security]
Cheap IoT devices lack security protection
The more convenient the smart life, the greater the vulnerability of IoT devices. Take the unmanned vending machine as an example. The working principle is to establish a connection between the user and the commodity through the Internet of Things technology. The user can complete the purchase process only through mobile payment, but this seems to be quite convenient in modern life. Behind the operation, there is a huge security risk.
In July 2017, American vending machine supplier AvantiMarkets was hacked into the intranet. The attacker implanted malware in the terminal payment device and stole personal information such as the user's credit card account and biometric data.
For the security vulnerabilities of IoT devices, the community is not unaware. Forrester Research, Inc. pointed out in its 2018 IoT forecast that security vulnerabilities are a major concern for companies deploying IoT solutions, and this is also the focus of companies considering deploying IoT solutions. The problem. However, most companies have not consistently responded to IoT security threats, and business pressure has overwhelmed technical security issues.
This judgment broke the security loopholes in IoT devices and it seems that it is difficult to solve the truth behind it.
Why do IoT devices become targets of hackers and exploits? The Internet Information Platform Geek Park concluded that the first is due to cost considerations. Some IoT device manufacturers are likely to introduce vulnerabilities in order to save costs by using common, open source operating systems, or third-party components that are not securely tested. Also based on cost considerations, most IoT devices do not protect the debug interface, which gives the attacker a chance to take advantage of it.
"On a large number of low-cost IoT devices, it is almost impossible to use complex and power-hungry existing security systems." An Internet security expert said helplessly.
Many vendors lack security awareness and security capabilities. When developing IoT smart devices, security considerations were not made, resulting in hardware and software security vulnerabilities. Moreover, many devices lack software security update mechanisms or mechanisms that are insecure, resulting in vulnerabilities that cannot be fixed and have serious consequences.
Moreover, identity authentication and authorization mechanisms are weak. The Internet of Things intelligent terminal devices are large in scale, and devices that work together may belong to different vendors, which makes identity authentication between terminals difficult to implement. A large number of devices are still using weak passwords, which allows hackers to easily control the device.
He Hezhen also believes that the current Internet of Things encryption is often relatively simple, but to achieve relatively secure encryption, the investment will be relatively large. Taking the Industrial Internet of Things as an example, its equipment is numerous, and the sensors, interface standards, and communication protocols are quite complex, and it is not easy to achieve security. At the same time, personal computers and mobile phones may also be controlled by Trojans. They are not working for a long time, and IoT nodes are always online. Although not all connected to the external network, even after physical isolation, it may infect the external network virus due to management omissions.
High-risk loopholes in routers caused millions of users in Germany to break the Internet, hacking 150,000 printers, and intelligent teddy bear toys leaking more than 2 million parent-child chat records... Hacking attacks related to IoT device vulnerabilities have repeatedly occurred, making foreign Internet of Things The safety risks of the equipment are alert. The US Federal Bureau of Investigation has warned parents that Internet toys have the risk of revealing privacy. Hackers can attack Internet toys to obtain personal information such as their names and locations.
The hazards of IoT device attacks are much more than just data theft. Security researchers demonstrated how to install ransomware on a home's smart thermostat. They can even raise the temperature to 95 degrees Celsius and refuse to switch back to normal temperature unless the victim agrees to pay the ransom paid in bitcoin. They can also launch similar attacks on networked garage doors, vehicles and even home appliances. With the increasing popularity of driverless driving, hackers can control vehicles, change radio stations, turn on wipers, force vehicles, and even cause traffic accidents. What is even more worrying is that hackers have the potential to attack medical devices that are implanted in the human body and have wireless functions, thereby endangering human health.
Gartner, an international authoritative consulting firm, predicts that the number of IoT devices in the world will reach 26 billion in 2020. It is imperative to solve the problem of security protection of IoT devices.
Enhancing the protection capabilities of IoT devices is imminent
"Today's society needs more and more 'great security'." Zhou Hongyi, chairman and CEO of 360 Group, pointed out at the Second World Intelligence Conference that in the era of Internet of Everything, cyber attacks have begun to threaten the healthy development of the smart economy.
He proposed the concept of “safe brain†and hoped to build a large distributed intelligent security system, using new technologies such as artificial intelligence, big data, cloud computing and blockchain to protect infrastructure, society, cities and individuals. Network security, its intelligent security protection capabilities further extend to the industrial Internet, Internet of Vehicles, Internet of Things, urban security and other fields.
For China, it is equally urgent to solve the security problem of IoT devices. Recently, China has intensively introduced policies to promote the development of IPv6, 5G, and industrial Internet, and strives to launch commercial pilots this year. This is helping the Internet of Things to spread faster and the number of IoT devices to grow rapidly, due to insufficient security of equipment manufacturers. And industry regulation is not perfect, and the security threats of IoT devices will intensify. By then, government agencies, industrial and commercial enterprises and even individual families will have a higher probability of being exposed to the hacker's vision.
Experts believe that it is imperative that government agencies and enterprises with public attributes should strengthen the security investigation and daily monitoring of internal IoT equipment as soon as possible. In the investigation, you can focus on whether there are vulnerabilities, past attacks, and the source of the attacked IP address. At the same time, close unnecessary remote service ports, repair weak passwords, and regularly conduct network security risk assessment to improve the level of protection.
At the same time, it is indispensable for domestic IoT equipment manufacturers to upgrade their security levels. "The common vulnerabilities of IoT devices include hardware interface exposure, unauthorized access, etc. These security issues are not high enough to prevent problems before they occur." Yang Chuanan, chief architect of NSFOCUS, suggested that manufacturers should do a good job. The safety guarantee work of the whole life cycle has a complete network security emergency response plan, including equipment safety risk assessment when the equipment leaves the factory, and does not use a unified default password.
In addition, we must be alert to the traditional Internet attack means in the "battlefield" variant of the Internet of Things. In the "battlefield" of the Internet of Things, many traditional methods of attack have found new space for development. For example, network sniffing, remote code execution, cloud server compromise, and the collapse of controlled devices are all new application scenarios of traditional attack methods in the Internet of Things. These traditional methods of attack should not be easily overlooked by various links.
Finally, the relevant departments should also be alert when purchasing smart networked equipment to prevent it from becoming a “back doorâ€. Once you find that you are deliberately leaving the "back door", you should take decisive punishment measures in accordance with laws and regulations.
The photovoltaic solar modules are made of a number of individual silicon solar cells. Different types of solar cells have different efficiency levels, like monocrystalline solar cells and polycrystalline solar cells. To reach as higher efficiency we we can, PERC solar cells with multi-busbar + split cell technologies are used for our solar moduels. Now we reach 21.52% for our pv panels.
Saintish solar panels could be applicated for residential, commercial, industrial and off grid systems. Fully black and silver white panels as well as transparent photovoltaic modules are all accepted in our company.
By installing with Solar Panel, not only reduced carbon footprint, but also reduced your electricity bill and even be paid for the surplus energy generated by feeding into the grid.
Photovoltaic Module, Solar Electric Panel, Transparent Panels, Solar modules, Monocrystalline Solar Panel
Hangzhou Saintish Technology Co.,Ltd. , https://www.saintishtech.com