Homeland Security sets its sights on IoT security

After the DDoS attack on October 21 that crippled some of the Internet’s most popular websites and proved the danger of not properly securing connected devices, the Department of Homeland Security said it is “working to develop a set of strategic principles for securing the Internet of Things.”

The Department of Homeland Security is developing a set of strategic principles for IoT security.

According to the statement, Homeland Security will release these principles “in the coming weeks.”

In addition, the Office of the Press Secretary said Homeland Security is closely monitoring events arising from the attack and convened a conference call “of about 18 major communication service providers to share information about the incident.”

Homeland Security said it believes the attack has been mitigated and has shared relevant information with its partners and through its Automated Indicator Sharing program.

“We are aware of one type of malware potentially used in this incident. This malware is referred to as Mirai and compromises Internet of Things devices, such as surveillance cameras and entertainment systems connected to the Internet,” Homeland Security said. “The NCCIC is working with law enforcement, the private sector and the research community to develop ways to mitigate against this and other related malware.”

For his part, Drew Ianni, chairman of the IOT Influencers Summit, called the news “interesting,” but questioned why Homeland Security is only now working on these guidelines to combat threats to the Internet of Things.

“One would think this specific kind of cyber threat is something that the Department of Homeland Security would have had this on their radar for quite some time now,” Ianni said. “And the citizenry would also assume, after what we learned from 9/11, that cross-agency information sharing should be of the highest priority in the fight against terrorism and that DHS would have been working with the CIA, the NSA, the FBI and other relevant agencies, frankly, for several years now on anticipating these kinds of threats.”