Europol-ENISA conference reviews the security challenges of IoT

Published: Wednesday, 25 October 2017 09:19

While it has many positive effects, the threats and risks related to the Internet of Things (IoT) are many and they evolve rapidly. For this reason, ENISA and Europol joined forces to tackle these security challenges by organising a dedicated two-day conference on 18th and 19th October 2017 which was attended by more than 250 participants from the private sector, security community, law enforcement, the European Computer Security Incident Response Teams (CSIRT) community and academia.

The risk of criminals ‘weaponising’ insecure IoT devices was already identified in the 2014 and 2015 editions of Europol’s Internet Organised Crime Threat Assessments and in ENISA’s 2016 Threat Landscape Report. It became a reality at the end of 2016 with several DDoS attacks of unprecedented scale originating from the Mirai botnet. It must be assumed that cybercriminals will develop new variants and enlarge the variety of IoT devices affected by this type of malware.

This joint Europol-ENISA conference, the first one on the topic, provided the opportunity for all the relevant stakeholders to come together to discuss the challenges faced and identify possible solutions, building on existing initiatives and frameworks.

The main conclusions of the conference were: