Written By David Shefter And Presented By Ziften CEO Charles Leaver
We are now living in the new world of the Internet of Things (IoT), and the risk of cyber threats and attacks grows exponentially. As implementations develop, new vulnerabilities are appearing.
Symantec released a report this spring which evaluated 50 smart home devices and claimed “none of the evaluated devices provided mutual authentication between the client and the server.” Earlier this summer, researchers showed the capability to hack into a Jeep while it was driving on the highway, first taking control of the radio, windshield wipers and air conditioning, and finally cutting the transmission.
Generally, toy, tool, appliance, and vehicle manufacturers have not needed to protect against external threats. Makers of medical devices, elevators, A/C, electrical, and plumbing infrastructure components (all of which are most likely to be connected to the Internet in the coming years) have not always been security conscious.
As we are all aware, it is hard enough on a daily basis to protect PCs, phones, servers, and even the network, which have been through considerable security monitoring, reviews and evaluations for many years. How can you protect alarms, personal electronics, and household devices that seemingly come out daily?
To begin, one must define and consider where the security platforms will be deployed – hardware, software, network, or all of the above?
Solutions such as Ziften listen to the network (from the device point of view) and use advanced machine-type learning to recognize patterns and scan for anomalies. Ziften presently provides a global threat analytics platform (the Ziften KnowledgeCloud), which has feeds from a range of sources that enable review of tens of millions of endpoint, binary, MD5 and other data records today.
It will be a challenge to deploy software onto all IoT devices, many of which use FPGA and ASIC designs as the control platform(s). They are normally integrated into anything from drones to cars to industrial and SCADA control systems. A large number of these devices run on solid-state chips without a running operating system or x86-type processor. With inadequate memory to support advanced software, many simply cannot support contemporary security software. In the realm of IoT, additional customization produces risk and a vacuum that strains even the most robust systems.
Solutions for the IoT space need a multi-pronged approach at the endpoint, which includes desktops, laptops, and servers currently integrated with the network. At Ziften, we currently deliver collectors for Windows, Linux, and OS X, supporting the core desktop, server, and network infrastructure that contains the intellectual property and assets that attackers seek to gain access to. After all, the bad guys don’t actually want any information from the company fridge, but simply want to use it as a conduit to where the important data lives.
Nevertheless, there is an additional technique that we deliver that can help ease many present issues: scanning for anomalies at the network level. It is believed that typically 30% of devices connected to a corporate network are unknown IPs. IoT trends will likely double that number in the next 10 years. This is one of the reasons why connecting is not always an obvious choice.
As more devices are connected to the Internet, more attack surfaces will emerge, leading to breaches that are much more destructive than those of e-mail, financial, retail, and insurance, things that could even pose a threat to our way of life. Protecting the IoT needs to make use of lessons learned from conventional enterprise IT security and offer multiple layers, integrated to provide end-to-end robustness, capable of preventing and detecting threats at every level of the emerging IoT value chain. Ziften can help from a multitude of angles today and in the future.