Microsoft sees the Internet of Things as a potential playground for attackers, and has introduced new tools and services designed to improve IoT security.
Some 9 billion IoT devices powered by microcontroller units (MCUs) come online annually, with an expected 20 billion total by 2020 and 80 billion by 2025, Microsoft Corp. (Nasdaq: MSFT) said at its Ignite customer and partner conference in Orlando, Fla. last week. Many of these devices aren't secured, either because it's too expensive for manufacturers to secure them, or because it previously wasn't thought worthwhile.
For an example of latter, consider the case of the Las Vegas casino that was successfully hacked through a fish tank thermometer. Reasonable people might think that there's no good reason to secure a fish tank thermometer, because the harm that an attacker can do is small -- just kill some fishes. However, in this case, the thermometer was network-connected, so attackers were able to use the thermometer as a foothold to get on the casino's enterprise systems and steal the casino's high-roller database, according to Microsoft.
"The MCU devices are the dark matter of the computing universe," Galen Hunt, Microsoft distinguished engineer and Azure Sphere partner group program manager, said in an interview. "They outnumber everything else ten to one and they haven't been connected until now."
For more about the potential threat of IoT devices, and Microsoft's latest steps to help developers secure against that threat, see our Light Reading article: Unknown Document 746431.
— Mitch Wagner Executive Editor, Light Reading