As we enter into this “new world” of the Internet of Things (IoT), the risk of cyber threats and attacks grow exponentially. As deployments progress, new vulnerabilities are surfacing.
A report released this spring by Symantec analyzed 50 smart home devices and claimed “none of the analyzed devices provided mutual authentication between the client and the server.” Earlier this summer, researchers demonstrated the ability to hack into a Jeep while it was driving on the highway, first controlling the radio, air conditioning, windshield wipers, and finally cutting the transmission.
Traditionally, toys, tools, appliance, and auto manufacturers have not had to protect against external threats. Manufacturers of medical devices, elevators, HVAC, electric, and plumbing infrastructure components (all of which are likely to be connected to the Internet in the coming years) have not always been security minded.
As we are all aware, it is difficult enough on a daily basis to secure PCs, phones, servers, and even the network, which have been through significant security checking, reviews and assessments for years. How can you secure alarms, personal electronics, and home devices that seemingly come out daily?
To start, one must define and think about where the security platforms will be deployed – hardware, software, network, or all of the above?
Solutions such as Ziften listen to the network (from the device perspective) and use advanced machine-type learning to identify patterns and scan for anomalies. Ziften currently offers a global threat analytics platform (the Ziften KnowledgeCloud), which has feeds from a variety of sources that enables review of tens of millions of endpoint, binary, MD5, etc. data today.
It will be a challenge to deploy software onto all IoT devices, many of which utilize FPGA and ASIC designs as the control platform(s). They are typically incorporated into anything from drones to cars to industrial and scada control systems. A large number of these devices run on solid-state chips without a running operating system or x86 type processor. With insufficient memory to support advanced software, many simply cannot support modern security software. In the world of IoT, additional customization creates risk and a vacuum that strains even the most robust solutions.
Solutions for the IoT space require a multi-pronged approach at the endpoint, which encompasses desktops, laptops, and servers currently combined with the network. At Ziften, we currently deliver collectors for Windows, Linux, and OS X, supporting the core desktop, server, and network infrastructure that contains the intellectual property and assets that the attackers seek to get access to. After all, the bad guys don’t really want any information from the company refrigerator, but merely want to use it as a conduit to where the valuable data resides.
However, there is an additional approach that we deliver that can help alleviate many current concerns: scanning for anomalies at the network level. It’s believed that typically 30% of devices connected to a corporate network are unknown IP’s. IoT trends will likely double that number in the next 10 years. This is one of the reasons why connecting is not always an obvious choice.
As more devices are connected to the Internet, more attack surfaces will emerge, resulting in breaches that are far more damaging than those of email, financial, retail, and insurance – things that could even pose a risk to our way of life. Securing the IoT needs to draw on lessons learned from traditional enterprise IT security – and offer multiple layers, integrated to provide end-to-end robustness, capable of preventing and detecting threats at every level of the emerging IoT value chain. Ziften can help from a multitude of angles today and in the future.