The number of IoT devices is growing at an alarming rate. Many of these devices go unnoticed. The problem is that the software used by many of these devices lack basic security measures that we take for granted in regular computer software. Furthermore, security advisories are almost non-existent for IoT. During this talk I will set the stage for how IoT is dramatically increasing the attack surface available to threat actors. I will show how IoT devices have already been utilized for attacks (such as the Mirai botnet), how difficult it can be to fix IoT security issues as well as illustrating some changes that need to happen in the industry to enable us to securely use IoT going forward.
