Intel Security's Chris Young: Attackers Not Just Compromising Home Devices, They're Weaponizing Them

Cybersecurity practitioners are not paying enough attention to the home as a viable attack surface, especially as some adversaries change their tactics from compromising and stealing data from vulnerable devices to weaponizing them, warned Christopher Young, SVP and general manager at Intel Security, at the 2017 RSA Conference on Tuesday.

In a keynote session, Young expressed concern that security professionals are so preoccupied with the cloud as an emerging threat surface, that they ignoring the looming danger of connected Internet of Things devices at home. “ We' ve given the enemy all the scale they could possibly want by connecting our homes with smarter, faster, better devices, by leveraging big-data analytics to drive really important decisions that coordinate much of what we do in society,” said Young, who is set to become CEO when Intel Security spins off from Intel Corporation and rebrands itself as McAfee.

Young cautioned attendees to take employee homes into account when developing work policies, building cybersecurity architectures, and provisioning tools. “ If you want to worry about where your next corporate vulnerability or governmental vulnerability might lie, it' s likely to be in the home of the people who work for you,” he noted.

Young cited the Mirai botnet' s attack on the Domain Name System service provider Dyn as a prime example of IoT' s power, and how home devices can be used destructively. “ I' d argue that this is just a test. The attackers are just trying to see what they can do next, what' s possible, what are the limits of their capabilities,” he said.

Tag : Advanced commands
FAQ
Q
What about our existing PCs?
A
Thinvent’s server based computing solution will coexist peacefully with your existing IT equipment like PCs and networking. As and when your PCs become slow, we will convert them into thin clients using our Thinux software. This extends the life of your PCs for as long as their hardware does not fail.
Q
How is installation and support handled?
A
Thinvent’s in-house team of server based computing experts will provide complete on-site installation of hardware, software and networking. Thereafter, we will provide one year of on-site support through our service network. Further on-site AMC can be purchased after this period.
Q
What happens if a thin client fails?
A
Thin clients contain none of your files or software. So there is no need for recovery of data from them. A failed thin client can easily be replaced with another standby unit, without any loss of functionality. Hence your users’ work need not be interrupted while our service engineers repair the failed unit.
Q
How does Secure Boot work?
A
Secure Boot works like a security gate. Code with valid credentials gets through the gate and executes. However, Secure Boot blocks at the gate and rejects a code that has bad credentials, or no credential.
Q
What is Secure Boot?
A
Secure Boot is one feature of the latest Unified Extensible Firmware Interface (UEFI) 2.3.1 specification (Errata C). The feature defines an entirely new interface between operating system and firmware/BIOS.

When enabled and fully configured, Secure Boot helps a computer resist attacks and infection from malware. Secure Boot detects tampering with boot loaders, key operating system files, and unauthorized option ROMs by validating their digital signatures. Detections are blocked from running before they can attack or infect the system.