为物联网保护开源操作系统

温馨提示:全文约2222字,阅读全文大约需要3分钟

如今,许多物联网设备的操作系统都包含开放源代码许可证,但需要提高警惕,以充分保护攻击表面

.

ESG的一项调查显示,38%的存储决策者预计物联网工作负载将未来两年内推动本地存储支出的增长。

这一趋势意味着,物联网正越来越多地进入首席执行官的行程,作为重新强调网络安全保护和数据安全的一部分

如今,许多物联网设备的操作系统都包含开放源代码许可证,但需要提高警惕,以充分保护攻击表面

ESG的一项调查显示,38%的存储决策者预计物联网工作负载将未来两年内推动本地存储支出的增长。约33%的受访者预计云计算支出会增加

这一趋势意味着,物联网正越来越多地进入首席执行官的行程,作为重新强调网络安全保护和数据安全的一部分

Forrester网络安全高级分析师Chris Sherman为《今日物联网世界》(IoT World Today)准备了一张幻灯片 37%的网络安全决策者认为,最大的运营风险来自于资产或运营中的嵌入式物联网解决方案,而33%的决策者必须努力保护其产品中的嵌入式物联网

展望未来,企业必须有效地集成Linux等开源环境,同时避免可能危及其数据安全的安全隐患

“操作环境这些工作负载的管理中起着关键作用,”ESG Global的高级分析师Paul Nashawaty说这些工作负载带来的数据增长需要加以管理,但IT供应商如何应对这种增长将取决于系统的集成。”

网络安全一直是开源Linux系统的威胁。虽然威胁的性质随着时间的推移而波动,但攻击者的动机可能更大,因为连接的设备现已变得无处不,并提供了更大的攻击面

一方面,Juniper Research的数据显示,到2021年,全球物联网设备的安装量将达到460亿台,这将增加整体攻击面。但是每个网络也有更多的设备。这为被盗网络物品的价值提供了规模经济。纳沙瓦蒂说,由于劫持典型物联网中的所有节点需要更长时间,僵尸网络等多功能网络掠夺者可能会面临一定的机会成本

物联网无处不,危险也无处不。四年前,科技媒体的报道中出现了一个可笑的惨败,当时美国一家赌场连锁店的一个联网鱼缸的个人数据遭到泄露

随着来自更先进的物联网数据源(如人工智能和高风险安全录像)的大量数据的预期,具有回响效应的漏洞的可能性将增加

物联网领域之外,已经出现了一些大公司声誉受损的案例。纳沙瓦蒂说:“(风险包括)受损设备成为僵尸网络的一部分,甚至包括数据丢失。我曾举过一些明确的例子,通过连接的设备(如电话或打印机)进行数据外泄。”

开放源码操作系统的安全第一

当选择物联网设备上运行的分发时,最好选择专门为此环境定制的开源物联网配置。有足够的预算来支持你的意图,雇佣It专家来保持开源环境的平稳运行,这也是很有帮助的

阅读完整的文章>

 

英文译文:

These days many operating systems for Internet of Things devices include an open-source license, but vigilance is needed to adequately protect the attack surface.

An ESG survey has indicated 38% of storage decision makers expect IoT workloads to drive on-premises storage spending increases over the next two years. Some 33% of respondents expected cloud spending increases.

The trend means that Internet of Things (IoT) is increasingly finding its way into the chief executive’s itinerary, as part of a renewed emphasis on cybersecurity protection and data security.

A slide deck prepared for IoT World Today by Chris Sherman, senior analyst for cybersecurity at Forrester, suggests around 37% of cybersecurity decision makers believed the greatest operational peril came from embedded IoT solutions in assets or operations, while 33% must contend with protecting embedded IoT in their products.

Going forward, it’s crucial for businesses to integrate open-source environments like Linux effectively, while avoiding security pitfalls that could jeopardize their data security.

:“The operating environment plays a key role in the management of these workloads,” said Paul Nashawaty, senior analyst at ESG Global. “Data growth from these workloads needs to be managed, but how IT vendors address this growth will be determined by the integration of the systems.”

Cybersecurity has been a threat for open source Linux systems. While the nature of the threat fluctuates over time, the incentive for attackers is arguably greater as connected devices have now become ubiquitous and provide a larger attack surface.

On the one hand, the global installed base of IoT devices is set to reach 46 billion by 2021, according to Juniper Research, and that increases the overall attack surface. But there are also a larger number of devices per network. This provides economies of scale to the value of stolen cyber goods. As it takes longer to hijack all nodes in the typical IoT network, multipronged cyber-marauders such as botnets might face something of an opportunity cost, Nashawaty said.

As IoT is pervasive, so are the dangers. One risible fiasco emerged in tech media reports four years ago, when a U.S. casino chain suffered a personal data breach from one of its internet-connected fish tanks.

The potential for breaches with reverberating effects will grow as a deluge of data is anticipated from more advanced IoT data sources, such as artificial intelligence and high-risk security footage.

Already away from the IoT sector there are cases of major firms suffering reputational damage. Nashawaty said: “[The risks include] compromised devices becoming part of a botnet, up to and including data loss. There are definite examples I’ve been given where data exfiltration has occurred via connected devices such as phones or printers.”

Safety First For Your Open Source OS

When selecting a distribution to run on IoT devices, it’s best to opt for open source IoT configurations that are specifically tailored to this environment. It’s also helpful to have the budget to back up your intentions and hire IT specialists that can keep the open source environment running smoothly.

 

Share this Post:

相关资讯: