1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Outdated and unsecured IoT devices are a serious risk for UK busi

    From TechnologyDaily@1337:1/100 to All on Monday, May 12, 2025 14:15:09
    Outdated and unsecured IoT devices are a serious risk for UK businesses

    Date:
    Mon, 12 May 2025 13:00:00 +0000

    Description:
    Businesses are running old, outdated IoT and aren't adhering to cybersecurity standards.

    FULL STORY ======================================================================IoT in the enterprise is a major liability, the UK government claims Most organizations are running old and outdated software They are also not
    adhering to security standards

    Internet of Things (IoT) devices in the enterprise are a major security liability. This is according to a new report from the cybersecurity professionals NCC Group, on behalf of the UKs government.

    The government is concerned about the security of these products as
    vulnerable devices can provide a route for hostile actors to attack the IT systems used by businesses, the UK government said in an announcement for the report. As part of the governments work to address this issue and improve cyber resilience across the UK economy, the government commissioned NCC Group to conduct a vulnerability assessment of some commonly-used enterprise connected devices.

    The results have shown that UK businesses have plenty of reasons to be concerned. Apparently, NCC Group found a number of software and hardware vulnerabilities that could lead to remote code execution (RCE) attacks, granting threat actors full control of a device, over the network. Outdated software

    One of the bigger problems was outdated software. The report states that unpatched solutions were prevalent across devices, also stating that one of the analyzed devices ran a 15-year-old bootloader.

    The UK government also said that in most cases, an attacker with physical access to a device would be able to fully compromise it, installing a persistent backdoor to be used in future attacks. The majority of the tested devices ran all of their processes as the highly privileged root user, which means theres no access granulation and the consequences of a breach could be dire.

    There is nothing particularly unique about these IoT devices, or the vulnerabilities they carried. The UK government said they were generally insecure, especially when it comes to configuration of services,
    applications, or features. It also warned that adherence to the NCSCs Device Security Principles, and the ETSI EN 303 465 standard was mixed. You might also like The hidden risks of IoT: Why businesses need to modernize mobile security Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/outdated-and-unsecured-iot-devices-are- a-serious-risk-for-uk-businesses


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)