If you have a fairly new printer in your office, or one of those new Wi-Fi-equipped televisions at home, there's a good chance that you're giving a malware creator a new place from which to launch attacks against the Web. With the rapid growth of connected smart devices, there's an equally rapid growth in unprotected platforms just waiting for a malware invasion. Intel and McAfee have joined forces to secure devices of this type by offering a new type of embedded security.
In a merger that created headlines about baffled analysts, the real intent was clear. Intel's press release spoke about the need to create more secure hardware, and subsequent comments by executives at McAfee and Intel have made it clear that both companies are planning to move hardware security to the next level. While some analysts professed confusion, the industry watchers who actually understand security realized what was up-Intel was trying to slam the door on a huge vulnerability.
Think for a minute about all of the devices you have that connect to the Internet. Your computers, regardless of their operating system, are obvious, and they're probably protected. But what about the other devices? Many offices have Internet-connected printers, for example, to allow employees to produce documents while away from the office. You might think that printer-based malware is unlikely, but in fact the first printer-based worm surfaced years ago.
The same is true of other network-connected devices. Browse a website with your smartphone, and you run the risk of picking up malware that can then be spread to your computer next time you sync. You have what are essentially computers in your television at home, your Blu-Ray player, and maybe even your refrigerator. While these may not pose a threat directly to your enterprise, each of them provides a host platform for malware, and a vector that you're probably not prepared for.
It's not out of the question, for example, to create malware for mobile websites that targets Android or iPhone devices when they connect, and then uses their existing networking capability to make them part of a botnet. You may have noticed that owners of these devices are claiming that they have as much capability as some desktop computers, and they do. There's no doubt that the creators of malware have noticed this as well.
Security features embedded in hardware, especially when coupled with applications, can provide a real defense. The reason they have to be embedded in hardware is that these devices simply don't have the storage that your personal computer might have. Embedding the capability may simply mean adding a new piece of code to the flash memory, but whatever is done will likely be better than doing nothing at all.
Note that most of the vulnerabilities I'm mentioning here are in consumer devices, but that's precisely the point. Consumer devices are unlikely to be well protected, their users are unlikely to notice unusual activity, and they can stay connected to the Internet continuously. It's the perfect platform for spreading malware or for staging attacks on your enterprise. Even a little protection will go a long way.