Monitoring IoT devices to detect malicious threats

Fortunato Guarino of Guidance Software

Since its inception, the Internet of Things (IoT) has grown at a rapid pace and shows no signs of stopping. It is no secret that the IoT comes with inherent security risks, Forrester has predicted a large-scale IoT security breach will occur in 2017.

The DDoS attack on the popular DNS provider, Dyn, that crippled some of the world’s most popular sites in 2016 has put the integrity of the IoT under huge scrutiny and raised questions over the security of the millions of internet-connected devices around the world.

So, asks Fortunato Guarino of Guidance Software, what significance does this new wave of attacks have for the enterprise and what can organisations do to monitor the multitude of devices to detect any indicators of compromise before it’s too late?

IoT vulnerabilities

With the increase in internet-enabled device numbers, anything that’s connected, from medical devices to something as seemingly harmless as a fridge or printer, could be an easy route into a network for a hacker. Whilst these may not seem like prime targets to protect, vulnerabilities within IoT devices can be exploited and they could be the route in for hackers to access valuable data, or used together to cripple a network.

The sheer volume of IoT devices makes it a huge challenge to monitor every single appliance and detect indicators of compromise, validate threats, and more importantly remediate any threats that get past traditional network security.

However, it is more important than ever for organisations to have full visibility on every endpoint so that any compromise can be quickly remediated. Without doing so, further large scale attacks that take advantage of vulnerabilities within insecure software are inevitable.

Legislation, legislation, legislation

As we move toward 2020 where an estimated 30 billion connected devices will be in the ‘wild’, the number of new vulnerabilities being identified continues to increase. For years, experts expressed their concerns over IoT Security and the huge security risks they pose and only now are they being listened to.

In 2015, security researchers Charlie Miller and Chris Valasek hacked into a Jeep Cherokee featuring connected controls. As their volunteer victim was driving at 70 mph, the researchers took control over the car’s brakes and accelerator, as well as the radio, horn and windshield wipers. While the test exploit caused no real damage, it delivered an important message about the need for tougher IoT security standards.

Many security experts, including security commentator Bruce Schneier, believe that, like pollution, the only solution is to regulate the IoT. Governments should impose minimum security standards on IoT manufacturers which, in turn, forces them to make their devices secure. Security standards are still evolving to accommodate the plethora of devices coming to market without the necessary internal security features in place.

However, the EU has showed signs of adopting a more stringent regulatory framework after announcing that it is investing €192 million(US$ 203.45 million) in IoT research and innovation. Ironically, just before the DYN DDoS attack, it had announced it was looking to release legislation proposals for Internet of Things privacy and security as well as suggesting IoT manufacturers add labels on their products to indicate how secure they are. But is this really enough?

The connected workplace

With the lack of security in place today for Internet-connected devices, it is near certain that threats will continue to multiply as more and more devices are adopted at home and in the workplace. For example, printers, fridges and thermostats can all now be connected in modern workplaces without the over-the-air security updates and patches of endpoints such as laptops, PCs and mobiles.

Visibility is key and enterprises need to establish a clear view of their IT estate. IoT devices should now be considered as an endpoint like any other computer, mobile phone or tablet and should be actively monitored to detect malicious threats. It is more important than ever for organisations to take control of the entire estate and monitor, assess, and investigate all endpoints so that any compromise can be quickly remediated.

As these devices become more commonplace in the organisation, there’s also a growing need for a more joined up approach to security between IT departments and procurement.

We’re now seeing instances whereby an organisation will insist on having access to the operating code of any internet-enabled device before they purchase it, to monitor it with their own technology for any potentially suspicious behaviour.

What next?

The IoT promises a host of benefits for businesses: from enabling better health services, increase efficiency within multiple industries and generate more innovative businesses. It remains to be seen if IoT manufacturers will begin to change their approach on security, but with the Federal Communications Commission looking to increase security regulations on IoT, it seems that the manufacturing industry is beginning to realise the huge IoT security deficiencies. Whilst these discussions are ongoing, there are measures that organisations can take to remove any IoT blind spots.

Organisations that have visibility and the ability to take control of every IoT device will be stepping in the right direction. Surely, we shouldn’t wait for another wide scale attack before taking steps to shore up the security of internet-enables devices.

The author of this blog is Fortunato Guarino, solution consultant EMEA, Cybercrime & Data Protection advisor at Guidance Software

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more