Coping with the Internet of (Risky) Things

The train appears to have left the station, and device manufacturers – makers of everything from washing machines to automobiles to baby monitors – are very much on board with the Internet of Things (IoT). The recent CES 2017 tradeshow in Las Vegas featured a flurry of new products that focus on connecting everyday objects to the public Internet, and allowing them to send and receive data. These ranged from the visionary (systems that let driverless cars communicate with each other) to the decidedly quirky (“smart” hairbrushes and toothbrushes, from France).

Business analysts are eager to quantify the market opportunity: Boston Consulting Group projects that global spending on IoT technologies, products, and services will reach $267 billion by 2020, and Juniper Research estimates that by 2021, the installed base of IoT products will grow to 46 billion units, roughly one-third of which will be consumer-facing.

IT and security professionals, though, are deeply concerned about the impact of all the IoT connections their organizations are making, or will soon make. In a worldwide survey of 593 such professionals by Ponemon Institute, IBM Security, and Arxan, 58 percent of respondents said they’re worried about their organization getting hacked through the IoT. Perhaps more alarming, 44 percent of those surveyed said their organization is taking no steps to prevent such attacks, and another 11 percent weren’t sure if their organization was taking action or not.

The worst-case example – so far – of a coordinated assault via the IoT was the DDoS (distributed denial of service) attack on Dyn, a domain-name-system provider, this past October. Leveraging large numbers of compromised IoT devices (such as webcams and digital video recorders) into a botnet, and directing it against Dyn’s servers, the attacker was able to cause widespread website outages across the Internet for hours.

The shape of things to come?

In the Dyn case, no lasting damage was done, although the owners and users of websites including Twitter, Spotify, PayPal, Pinterest, and Reddit were no doubt unhappy with the disruption. Yet it’s easy to extrapolate from the Dyn attack, and imagine how an adversary could wreak much worse havoc on the industrial, commercial, or government infrastructure with an abuse of IoT devices. As one security analyst said in testimony to Congress:

“The Internet of Things is bringing computerization and connectivity to many tens of millions of devices worldwide. We are connecting cars, drones, medical devices, and home thermostats. What was once benign is now dangerous. …
Because of these attacks, your security on the Internet depends on the security of millions of Internet-enabled devices, designed and sold by companies you’ve never heard of to consumers who don’t care about your security.”

The huge gap between the capability of all those IoT devices to produce harm, and the level of safeguards in place to prevent such harm, is explained by another analyst:

“There is an inherent tension between the notion of the Internet, which by design is made for sharing information far and wide, and IoT devices and solutions, which are increasingly ‘personal’ and collect/use information that must be protected. Unfortunately, IoT device manufacturers have tended to tilt toward the ‘Internet’ side without seriously addressing the consequences of not securing the actual ‘things’ they are selling.”

This leaves any organization that has IT systems, networks, and proprietary data it needs to protect between a rock and a hard place. Until device manufacturers assume responsibility for designing security into each of their IoT products, and/or government agencies impose standards or liability on the manufacturers, the responsibility for protecting one’s IT assets against an IoT-based attack will fall on the organization itself – and in particular, on IT and security professionals.

How to recognize the unknown threat

Where to turn for help? The Juniper Research study offers a clue: it recommends that security providers move beyond traditional signature-based detection methods, in order to address IoT cybersecurity effectively. There’s a growing recognition of the need for security solutions that don’t depend on your ability to identify the “threat profile” of a cyber-attack.

Endpoint modeling is a prime example of this new class of solution, which adds a valuable layer to the conventional security stack. It monitors each device in your environment, and tracks its behavior. For example, it models how each device uses the network, how it connects, what it connects to, and other details. Whenever a device starts exhibiting abnormal behaviors – acting in a way that it hasn’t before, or against the documented model – endpoint modeling provides near-real-time alerts, so you can take fast, effective action to defend your IT environment.

In the context of IoT, there are lots of IP devices that aren’t workstations or servers. Some combination of printers, phones, cameras, sensors, industrial devices, and others is likely to be found on many networks. These devices are often difficult to secure: it’s difficult to install agents or trusted certificates on them, and they may not receive timely updates for software vulnerabilities.

Endpoint modeling is good at monitoring these “Internet of Things” things. Since they are often very predictable in their behavior, it’s possible to identify subtle changes in behavior – which might indicate compromise – without producing lots of nuisance alerts.
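A minimal sketch of the endpoint-modeling idea described above, added here as an illustration and not taken from the article or from any product: it learns, per device, which services the device talks to and how much it sends, then reports deviations. The flow-record tuple, device and host names, and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed training flows: (device, dst, dst_port, proto, bytes_sent).
TRAINING = (
    [("cam-01", "nvr.example.internal", 554, "tcp", b)
     for b in (51000, 49500, 50200, 50800, 49900, 50400)]
    + [("cam-01", "ntp.example.internal", 123, "udp", 90)] * 6
)

class EndpointModel:
    """Per-device model: which services it talks to and how much it sends."""

    def __init__(self, sigma=3.0, min_samples=5):
        self.seen = defaultdict(lambda: defaultdict(list))  # dev -> flow key -> sizes
        self.sigma, self.min_samples = sigma, min_samples

    def learn(self, flows):
        for dev, dst, port, proto, nbytes in flows:
            self.seen[dev][(dst, port, proto)].append(nbytes)

    def check(self, flow):
        """Return the reasons a flow deviates from the model ([] if none)."""
        dev, dst, port, proto, nbytes = flow
        if dev not in self.seen:
            return ["unknown device"]
        known = self.seen[dev]
        if (dst, port, proto) not in known:
            same_service = any((p, pr) == (port, proto) for _, p, pr in known)
            return [f"new peer {dst}" if same_service else f"new service {proto}/{port}"]
        sizes = known[(dst, port, proto)]
        if len(sizes) >= self.min_samples:
            mu, sd = mean(sizes), pstdev(sizes)
            # Floor the spread at 5% of the mean so steady devices are not over-sensitive.
            if nbytes > mu + self.sigma * max(sd, 0.05 * mu):
                return [f"volume {nbytes}B above baseline {mu:.0f}B"]
        return []

def demo_model():
    model = EndpointModel()
    model.learn(TRAINING)
    return model

if __name__ == "__main__":
    m = demo_model()
    for f in [("cam-01", "nvr.example.internal", 554, "tcp", 50300),
              ("cam-01", "203.0.113.7", 23, "tcp", 400),
              ("cam-01", "nvr.example.internal", 554, "tcp", 900000),
              ("thermo-09", "nvr.example.internal", 554, "tcp", 100)]:
        print(f, "->", m.check(f) or "ok")
```

Because the camera's learned behaviour is so narrow, a single flow to an unseen service or an order-of-magnitude jump in volume stands out without any signature for the traffic itself.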

By providing visibility – in real time and at a granular level – to what’s on the network and what is trying to access it, endpoint modeling makes it possible for IT and security professionals to meet two opposed challenges:

  • To securely connect their networks to authorized IoT devices as diverse as manufacturing-control devices, security cameras, multi-function printers, and smoke detectors,
  • To identify and respond to all the new points of vulnerability that result when unauthorized devices attempt to communicate with your network.

There’s little doubt that the Internet of Things will keep growing in the near future, as will the dimensions of risk posed by rampant interconnection. But there’s reason for hope that a new generation of advanced threat-detection systems will narrow the gap between the threat, and the ability to respond.

By Patrick Crowley

Patrick Crowley is the founder and CTO of Observable Networks. He is also professor of Computer Science & Engineering at Washington University in St. Louis where he has been a leading researcher on deep packet inspection (DPI) technologies within various academic, commercial, and government communities.
