The Internet Of Things Is An Enormous Security Risk – Chuck Leaver

Written By David Shefter And Presented By Ziften CEO Chuck Leaver

We are now residing in a new world of the Internet of Things (IoT), and the threat of cyber risks and attacks grow greatly. As releases progress, new vulnerabilities are appearing.

Symantec launched a report this spring which evaluated 50 smart home devices and declared “none of the analyzed devices provided shared authentication between the client and the server.” Previously this summer, analysts showed the capability to hack into a Jeep while it was cruising on the highway, initially controlling the radio, windshield wipers, cooling and finally cutting the transmission.

Traditionally, toys, tools, home appliance, and car manufacturers have actually not needed to protect against external threats. Producers of medical devices, elevators, HVAC, electric, and plumbing infrastructure parts (all of which are most likely to be connected to the Web in the coming years) have actually not always been security conscious.

As we are all mindful, it is hard enough daily to protect PCs, mobile phones, servers, and even the network, which have actually been through considerable security checking, reviews and evaluations for several years. How can you secure alarms, individual electronic devices, and house devices that apparently come out daily?

To start, one must define and think about where the security platforms will be deployed – hardware, software, network, or all the above?

Solutions such as Ziften listen to the network (from the device viewpoint) and utilize innovative machine-type learning to recognize patterns and scan for anomalies. Ziften presently provides a global danger analytics platform (the Ziften KnowledgeCloud), which has feeds from a range of sources that makes it possible for evaluation of tens of millions of endpoint, binary, MD5, and so on data today.

It will be a difficulty to release software onto all IoT devices, many of which make use of FPGA and ASIC designs as the control platform(s). They are usually incorporated into anything from drones to cars to industrial and scada control systems. A a great deal of these devices work on solid-state chips without a running operating system or x86 type processor. With insufficient memory to support advanced software, many just can not support contemporary security software. In the realm of IoT, additional customization creates threat and a vacuum that strains even the most robust services.

Solutions for the IoT space require a multi-pronged technique at the endpoint, which incorporates desktops, laptops, and servers currently integrated with the network. At Ziften, we presently deliver collectors for Windows, Linux, and OS X, supporting the core desktop, server, and network infrastructure which contains the intellectual property and assets that the assailants look for to obtain access to. After all, the criminals don’t actually desire any info from the company fridge, however simply wish to use it as a conduit to where the important data lives.

Nevertheless, there is an extra method that we provide that can help relieve lots of existing issues: scanning for anomalies at the network level. It’s thought that usually 30% of devices connected to a business network are unknown IP’s. IoT patterns will likely double that number in the next ten years. This is among the reasons that connecting is not always an obvious choice.

As more devices are connected to the Internet, more attack surfaces will emerge, resulting in breaches that are far more damaging than those of email, financial, retail, and insurance – things that could even position a risk to our way of living. Protecting the IoT has to draw on lessons gained from traditional enterprise IT security – and provide multiple layers, integrated to provide end-to-end robustness, capable of avoiding and identifying risks at every level of the emerging IoT value chain. Ziften can help from a multitude of angles today and in the future.


Chuck Leaver – Security Blindsports Are A Threat So Use Ziften ZFlow

Written By Andy Wilson And Presented By Chuck Leaver CEO Ziften   Over the past number of years, lots of IT organizations have actually embraced the use of NetFlow telemetry (network connection metadata) to enhance their security position. There are lots of factors behind this: NetFlow is relatively economical (vs. full packet capture); it’s reasonably […] Continue reading →

Prevention And Blocking Are Not Cutting It So A New Path For Endpoint Security Is Needed – Chuck Leaver

Written By Josh Harriman And Presented By Chuck Leaver Ziften CEO   Traditional endpoint security software, some of which have been around for over twenty years, rely heavily on the same protection approaches every year. Although there is always innovation and strides to enhance, the underlying problem still exists. Dangers will always find a path […] Continue reading →

These Are The Top 5 Suspect User Endpoint Activities That You Need To Watch For – Chuck Leaver

Written By Dr Al Hartmann And Presented By Ziften CEO Chuck Leaver Traditional security software applications are unlikely to spot attacks that are targeted to a specific company. The attack code will most likely be remixed to avert known malware signatures, while fresh command and control infrastructure will be stood up to avert recognized blacklisted […] Continue reading →