Debunking 10 common misconceptions about IoT devices – CyberTalk

By Antoinette Hodes, a Check Point Global Solutions Architect and an Evangelist with the Check Point Office of the CTO.

This article aims to provide a comprehensive overview of the most common misconceptions surrounding IoT (Internet of Things) devices. As the adoption of IoT devices continues to grow, it is crucial to address these misconceptions and provide accurate information to users and businesses alike. This will lead to better adoption and utilization, and foster a more informed and secure IoT ecosystem.

Debunking 10 common misconceptions about IoT devices – CyberTalkIoT devices are not a valuable target for hackers (read: criminals)

This is false. IoT devices often collect personal and sensitive data, making them attractive to hackers. Topics like user consent and data privacy should be addressed. IoT data is the “new gold” and it is important to anonymize data and incorporate data privacy-by-design principles.

IoT devices don’t collect or hold sensitive information

Many IoT devices collect and transmit personal or sensitive data, which can be No sensitive datacompromised. Although devices will not store it, security controls like data encryption are often needed. There 3 types of data: data at rest, data in transit and data in use. Data in use the most vulnerable and often easy to compromise.

No security posture riskIoT devices do not pose a risk to the overall network security

Often, there is an assumption that IoT devices are isolated from the network: IoT devices can act as entry points to the broader network, a potential starting point of starting the Cyber Kill Chain. We also see lateral movement and propagation attacks.

Manufacturers always prioritize security when developing IoT devices

IoT device manufacturers are already under high levels of pressure in a very competitive Secure by designmarket. They must balance cost against device functionality, while remaining attractive and differentiating their products. So, in general, security is often overlooked in favor of functionality and cost-cutting measures. IoT devices are often not “Secure by Design” or “Secure by Default”.

Physical access to an IoT device is required to compromise its security

Physical access ensures securityIn many cases, IoT devices are remotely exploited and compromised. Connected devices provide access, enabling attackers to exploit vulnerabilities or extract sensitive data from the IoT devices. Or devices can be utilized for network based attacks, like Man-in-the-Middle (MitM) attacks. This can lead to disruption or unauthorized control.

IoT devices are only a threat on the internet

IoT devices connected to a local network can still be compromised and pose a threat. They can be used as jump host, infiltrate or scan the network, lateral movement and propagation attacks.

IoT devices are immune to malware

IoT devices are immune to malwareThere is a general assumption that IoT devices are immune to malware due to limited hardware. Nonetheless, malware can infect IoT devices, allowing hackers to gain control or use them as part of a botnet. IoT devices are often connected to the internet and can potentially be accessed by attackers. IoT devices are often used in critical infrastructure, like power grids and hospitals. This makes them very attractive targets through which to cause a massive and widespread impact.

IoT device security is a one-time setup Set & forget

Either the device should be hardened from within, making it zero-day proof or security measures like ongoing monitoring, updates, and patching are needed. IoT device security is not a “set and forget” kind of thing. As the technology evolves, new security threats evolve along with it. IoT devices that are not attended to, from a security standpoint, can quickly become outdated and vulnerable.

Consumers are not responsible for securing their IoT devices; it’s the manufacturer’s job

Manufacturers bear the responsibility of prioritizing security during the design and development stages. Through the implementation of robust security measures, they can effectively shield consumers from potential attacks and breaches. However, consumers also have a role to play in ensuring device security. By actively pursuing measures such as changing default passwords, using strong passwords, and keeping devices updated, consumers can actively contribute to safeguarding their data and preventing cyber attacks. Ultimately, the security of IoT devices is a shared responsibility between manufacturers and consumers. Informed and educated consumers who prioritize security will assess the security level of the device they intend to use, opting exclusively for trusted reputable vendors.

Home IoT devices are not targets

It is often believed that cyber attacks solely target specific individuals or organizations. Home devices are no longer targetsHowever, a significant number of cyber attacks are classified as “spray attacks.” In these cases, random victims with lower levels of security become the primary targets.

Furthermore, attackers frequently focus on home IoT devices, aiming to either obtain personal data or exploit their vulnerabilities for more significant attacks. Unfortunately, many of these devices lack proper security measures, making them easy to compromise. Once compromised, these assets are often utilized as “zombies” in a botnet, potentially participating in activities like DDoS attacks.

In conclusion, debunking these misconceptions helps in understanding the true nature of IoT devices and the need for robust security measures to ensure their safe and effective utilization. Ultimately, the security of IoT devices is a shared responsibility between manufacturers and consumers.

Related resources

  • The green revolution | How IoT is driving sustainability – Learn more
  • Friction to integration | How blockchain can streamline manufacturing processesDetails
  • IoT solutions for enterprise, industrial and healthcare groups – Get product information here

Award shines a spotlight on local science journalism

Award shines a spotlight on local science journalism

Local reporting is a critical tool in the battle against disinformation and misinformation. It can also provide valuable data about everything from environmental damage derived from questionable agribusiness practices to the long-term effects of logging on communities. 

Reporting like this requires more than just journalistic chops. It needs a network that can share these important stories, access to readers, and financial support. That’s why organizations like the Knight Science Journalism Program at MIT and its Victor K. McElheny Award are important. 

Founded in 2018 with a gift from Knight Science Journalism (KSJ) Program founding director Victor McElheny and his wife, Ruth McElheny, the KSJ Victor K. McElheny Award rewards local science journalists for their pioneering work and their stories’ impacts. 

“The prize can help illustrate a continuing contribution to the maximum level of public understanding of what technology and science are achieving, and what these achievements imply for humanity,” McElheny says.

The award comes with a $10,000 prize.

“Local science journalism has value, in part, because consolidation in this sector has meant fewer journalists and a shrinking pool of resources with which to do this important work,” notes editor Cathy Clabby, a Knight Science Journalism Fellowship Program alumna (2008). Clabby was part of the team at The Charlotte Observer and The Raleigh News and Observer that earned the McElheny Award in 2023 for its poultry farm investigation

“The award demonstrated a commitment to high journalistic standards,” Clabby says.

These journalistic standards and the accompanying national recognition for awardees can lend further legitimacy to long-form science journalism. 

Features and outcomes

Additionally, while some news outlets are starved of the resources necessary to produce deeply-researched, high-quality stories, receiving the McElheny Award can help raise the visibility of small and nonprofit newsrooms, which can help with circulation, operating expenses, and fundraising.

“The award has a very real value to our audience, especially as we develop our digital subscriber model,” notes journalist Tony Bartelme, one of several Charleston Post and Courier reporters whose feature on the Gulf Stream won the inaugural award in 2019. “If readers see this kind of national recognition, they’re more likely to see the value of subscribing.”

“The financial element of the award is certainly a delightful surprise, particularly for a team project like this with a small budget,” says journalist Aaron Scott, whose team at Oregon Public Broadcasting won for its Timber Wars podcast series in 2021. “It filled me with joy getting to tell my colleagues they’d be getting bonus checks in the mail.”

Deborah Blum  the Pulitzer Prize-winning director of the Knight Science Journalism Program and founder of Undark Magazine  argues that local and regional journalists play a central role in promoting science literacy and critical thinking skills among their readers. Blum describes an information ecosystem worthy of preservation, with local science journalism acting as a fundamental building block of public consciousness and shared understanding. 

“Science stories told by reporters in the home community, known and trusted by their neighbors, have a special ability to reach readers and listeners,” Blum says.

Value, vision, and recognition

Storytelling has value beyond views, clicks, and shares, according to McElheny Award winners. 

“An informed electorate helps ensure a functional and accountable government,” Clabby asserts.

Journalists point to the skills necessary to produce thoughtful, reasoned stories that can impact readers, communities, and other journalists as valuable assets for creating powerful pieces.

“Science journalism is hard to do because it takes time to wade through it all and understand the science with enough depth to tell the story properly,” Bartelme says. “But, what’s more important than a planet on fire?”

Further, recognition from their peers can serve as validation for what can sometimes become months of research and reporting to produce such important stories.

“Recognition [as evidenced by] the Victor K. McElheny Award is deeply rewarding,” Scott believes, “because it means some of our most accomplished and thoughtful peers are listening to, reading, and thinking deeply about a story we’ve invested so much in telling.”

Outcomes and impacts

The Victor K. McElheny Award for Local Science Journalism confers national recognition on journalists performing a critical function in producing an informed electorate. Local science journalism can have lasting impacts on readers, apprise audiences of advances and challenges related to science and technology, and help secure funding for current and future efforts.

“Fact-based journalism has value for audiences,” Clabby says.

Scott, noting the value of balanced science reporting, described science journalism as “both more important, and more under threat by politicization, than ever before.”

“The McElheny Award is really the only award that celebrates science stories that reach this important audience,” Bartelme concludes. “Local journalists have a special and often more intimate relationship with readers than national organizations.”

Remembering Elise O’Hara, Media Lab staff member

Remembering Elise O’Hara, Media Lab staff member

Elise O’Hara, a cherished member of the Media Lab community, died on Dec. 12, 2023, as a result of complications following the birth of a healthy child.

As an administrative assistant for multiple research groups and initiatives — most recently, the Space Exploration Initiative and Tangible Media Group — O’Hara managed a variety of complex, high-priority projects with skill, patience, and good humor.

In her time at the Media Lab, O’Hara was perhaps best known for her warmth and her kindness. Professor Hiroshi Ishii says of her, “Elise was not just a colleague to us but a dear friend whose presence brought light and warmth to the Tangible Media Group and MIT Media Lab. All my colleagues loved and respected Elise; her beautiful soul positively touched many lives. We feel fortunate to have worked alongside Elise and to have witnessed the remarkable person she was.”

Samantha Gutierrez-Arango, a research assistant in the Biomechatronics group, says, “Elise was an integral and treasured part of the Media Lab; throughout her time, she touched many lives and hearts and was instrumental in many processes during Covid-19, ensuring the students were happy and healthy when coming back. She covered various groups, so her skills in managing the Media Lab’s day-to-day business were greatly appreciated. Elise was very passionate about theater, acting, and teaching; she loved practicing her Spanish and had a great sense of humor. She always approached life with an optimistic and playful spirit despite obstacles, and was always innovating ways to help her children have a fun time.”

Outside of her work at the Lab, O’Hara was actively involved in local community theater, performing with companies including The Fringe Theater in Needham, Massachusetts, and the Milton Players in Canton. 

O’Hara earned her bachelor’s degree from Sacred Heart University in Connecticut and her master’s in theater education from Emerson College.

She is survived by her husband, Sean O’Hara; her parents, Robert and Jean Valerio; her sister, Julie Cornell; and her three children.

Solving complex problems with technology and varied perspectives at Sphere Las Vegas

Solving complex problems with technology and varied perspectives at Sphere Las Vegas

Something new, large, and round has dominated the Las Vegas skyline since July: Sphere.

After debuting this summer, the state-of-the-art entertainment venue became instantly recognizable thanks to pictures and videos on social media and Reddit. Some of the most viral posts depict the 580,000-square-foot, fully programmable LED Exosphere projecting a giant yellow emoji that smiles, sleeps, and follows airplanes flying overhead with a look of wonder.

According to Jared Miller ’98, MBA ’03, SM ’03, Sphere’s growing popularity even before its official opening last September — when the Irish rock band U2 began its months-long residency — is a testament to the work of the creative team that made it happen.

“The team we have assembled in many ways reflects my experience at MIT,” says Miller, who is executive vice president and CIO at Sphere Entertainment.

“We have deep technology experts, engineers, scientists, artists, creative technologists, and people who have worked in many different industries who have come together to embrace this vision,” adds Miller. “The diversity of the people you’re surrounded with … brings different perspectives [and an] enthusiasm to come together and collaborate on a solution. This is what’s really special about Sphere, and it applies to MIT as well.”

Embracing the pivot

As an undergraduate, Miller majored in chemical engineering and interned in the oil and gas industry, after which he decided to pursue an alternative career path. This led to a job at Intel during the race to build the first microprocessor capable of achieving 1 gigahertz.

Miller learned a lot about himself and his professional interests during the experience, and he was eager for more. “I wanted to learn more about the business aspects; to move from being an engineer into a broader management and strategy role,” he says.

He applied to the program then known as Leaders for Manufacturing (LFM) and matriculated in 2001. The program was then focused on “Big M manufacturing,” but as Miller recalls, LFM was growing and evolving toward its eventual renaming as Leaders for Global Operations (LGO). As a result, the student experience was expanding far beyond manufacturing and into other disciplines.

For Miller, this meant the airline industry. “The intersection of technology and guest experience was taking hold in the industry because it required a pretty rapid shift in how airports and airlines were thinking about … how they were moving people through their journey,” he says.

LGO students participate in six-month internships at LGO partner companies that serve as a basis for their thesis projects. Miller interned at Continental Airlines, where he studied the use of self-service check-in kiosks and their impact on traveler experience.

After graduation, he remained at Continental — which merged with United Airlines in 2010 — for almost a decade, until he pivoted to designing and building new venues in the sports and entertainment industry.

“MIT constantly encouraged and challenged us to think very openly about the opportunities that lie ahead. In my case, these pivots didn’t seem that odd or awkward between the different engineering fields and industries. It was just another step in the journey,” says Miller. “The intersection of technology and the guest experience was at the heart of what I was doing.”

Merging invention with varied perspectives

Until the venue’s official launch, all the public knew about Sphere was what they could see displayed on its massive Exosphere. Once U2 played their first of 40 shows and filmmaker Darren Aronofsky’s “Postcard from Earth” premiered as part of The Sphere Experience, audiences were granted access to what Miller and his team had also been working on.

These include a fully immersive display plane with 16k x 16k resolution, 4D technologies like haptic systems and atmospheric effects to influence what guests are literally feeling, the world’s largest beamforming audio system, and more.

“So much of what we’ve done at Sphere has been about invention,” says Miller.

By “invention,” Miller means the sense of identifying potential experiences for the audience and working back from that point when developing the necessary technologies. Though he is quick to explain that technology is not always the solution to a problem, but simply one of many tools that can be used.

“A lot of it comes through process improvements,” explains Miller. “You’ve got to analyze what didn’t work, using a lot of data to come back and say, ‘You know what? This is what needs to change. This is why this approach didn’t work.’ Then get right back up and find another way to tackle the problem.”

From using systems thinking and data analytics to address complex problems — like how to guarantee that 18,000 people in a spherical structure will have the same experience — to building teams that collaborate well to produce possible solutions, Miller credits many of the tools at his disposal to his learnings at MIT.

He learned how to think about complex problems more broadly, and how to think collaboratively with others from a wide variety of backgrounds — much like the team at Sphere.

“At LGO, we discussed and worked on problems that hadn’t been solved yet. We needed a diverse group of people to come together and use all their experiences and expertise to create that solve,” says Miller. “It’s bringing together that diverse group of people to work together that ultimately gets to a great solution.”

Suicide Squad: Kill The Justice League Gets Playable Joker In Season 1 This March

Developer Rocksteady Studios has pulled back the curtains on the free seasonal content coming to Suicide Squad: Kill The Justice League after the game’s launch on February 2. Season 1 will kick off in March and includes the most famous villain in the DC roster: The Joker. Not only is The Joker joining the game, but he’ll be a new playable member of the Suicide Squad. 

Notably, this take on The Joker is not the Mark Hamill-voiced character from the Batman: Arkham series. Instead, Brainiac is pulling Elseworlds together in an attempt to merge them into a unified multiverse. This is how The Joker in Suicide Squad: Kill The Justice League joins the roster. In his universe, he was already a member of the Suicide Squad. His playstyle is fast and dynamic and requires players to stay moving, according to Rocksteady. 

Check out The Joker in Suicide Squad: Kill The Justice League in action in the video below

[embedded content]

As you can see, this video teases other villainous appearances and locations, like a Gotham City Police Department floating in space by flowing lava and a frozen locale that might be teasing Mr. Freeze. 

Alongside The Joker, players will have a new playable environment to explore that looks like a chemical factory-turned-funhouse by the man himself, plus new boss fights and enemy variants, including new variants of Green Lantern and Superman, according to Rocksteady’s Season 1 teaser, which you can view below: 

Suicide Squad: Kill The Justice League Gets Playable Joker In Season 1 This March

Other Season 1 additions include new DC villain-themed weapons and gear, new Riddler content, new activities and strongholds, and two new episodes of narrative content – these episodes will be centered on Two-Face and Scarecrow. 

Suicide Squad: Kill The Justice League hits PlayStation 5, Xbox Series X/S, and PC on February 2. 

For more about the game, read our hands-on preview with Suicide Squad: Kill The Justice League after playing it for a few hours, and then check out this story about how Rocksteady responded to leaks surrounding the game’s story. After that, read Game Informer’s list of upcoming superhero games

What do you think of this take on The Joker? Let us know in the comments below!