In 2011 Cisco put out a report stating that there are 12.5 Billion devices connected to the Internet, and since we have 6.8 Billion people, there are more devices than people (tablets, smartphones, etc.).
In fact, according to this Cisco report, 2008 is the year when the number of connected items (the Internet of Things) exceeded the number of people in the world.
This phenomenon will increase and become 2x or 3x the number of people very quickly, as we will expect more out of our electronic devices, not less.
So the future holds more networked devices, not fewer. We will not run out of IP addresses, as the current IPv4 address schema holds 2^32 addresses, or 4.3 Trillion (or 4.3 x10^9),
whereas the IPv6 schema holds 2^128 numbers, or 3.4 x10^38. Needless to say, we have a little while to go before we run out of numbers in IPv4, but we will not likely run out of IPv6 device capability.
Why does this affect pentesting? If more and more devices are coming online on the Internet, that means a higher number of devices can be subverted and used to attack you. THIS IS A BASIC SECURITY PRINCIPLE (I will review it, as it bears repeating).
Everyone seems to think "my devices are safe," or "what do I have that is important to a criminal?" (besides my credit card, and I will refuse to pay for any items on my bill that I have not actually purchased). The end result is: "Who, me? Nothing I have is of value to hackers on the net, so why should I do pentesting?"
Pentesting is where the vulnerabilities of the devices on your network are reviewed and tested for hackability: how easily can a hacker penetrate and use my devices for their own needs?
Well, a hacker wants to use your devices so they can attack entities of value to them. A criminal hacker is going after money ($$$). A political hacker is going after political targets (like Hamas versus Israel and their supporters); for example, the Jerusalem Post has an example of Hamas-affiliated websites being hacked by Israeli hackers. A control hacker is going after the mere fact of controlling a million devices, and then usually selling the rights after someone talks them into it.
The bottom line is that your device is being sold for its processing and network power for various reasons, usually criminal.
This means everyone has a device that can be attacked and should be pentested. What if your company's devices are being used right now to attack other systems?
Contact us here at OversiteSentry or at Fixvirus.com.