Internet of Things Archives - Cyber Secure Forum | Forum Events Ltd
Posts Tagged :

Internet of Things

A new chapter in remote IoT security

 960 640 Guest Post
By:
0
4

By Keith Glancey, Systems Engineering Manager at Infoblox   

When the COVID-19 pandemic struck, businesses around the world found themselves forced to adapt quickly in order to survive. IT and security teams took centre stage, and were tasked with supporting a newly-remote network of employees and maintaining business continuity. Many companies emphasised ‘connectivity first,’ relegating security to an afterthought. However, as the dust starts to settle, remote work seems here to stay in some form. This has opened up a new threat for many businesses.    

Just as the pandemic has blurred the line between our professional and personal environments, it has also blurred the line between our professional and personal IoT devices– whether it’s a connected television, smart thermostat or a tablet connected to a work application. The increased use of personal devices is making the professional network vulnerable to attack, and so is the proliferation of IoT devices. With many employees yet to return to the office, it’s never been more important for businesses to assess and address the IoT security risks posed by our new reality.  

The remote rise of Shadow IoT 

Even before the pandemic struck, IoT security was a challenge. In fact, research discovered that one third (33%) of UK businesses believed there were around 1,000 unauthorised or non-business related IoT devices – also known as Shadow IoT devices – connected to their enterprise networks. These devices can open the wider business up to attack and also enable unsanctioned ‘lurkers’ to access any given network. One of the consequences of the rise of shadow IoT was the surge of 17 million cases ofdistributed denial-of-service (DDoS) attacks across the globe in 2020 alone, with reports highlighting a 250% increase of frequency over the last 3 years. 

As remote working has transformed the way that individuals are using their IoT devices, this threat has only increased. The average home today has 11 IoT devices connected to its network. And since IoT devices are notoriously insecure, this presents a serious headache for IT and security teams. Each of these devices provides a vector through which malware can enter an employee’s home network and then move laterally to infect the corporate network as well. Given that IT teams can’t easily enforce corporate security policies on devices that sit outside of their infrastructure, this is opening up the floodgates and putting businesses at increased risk from attacks such as phishing and malware.  

To add to this, many individuals are naturally less risk-averse at home. For some, using a work device to browse social media, shop or stream entertainment services has become the norm. Yet, combined with the threats posed by unsanctioned IoT devices, this use of unsecured Wi-Fi connections, unsanctioned applications, and browsers with insecure plug-ins has the potential to compromise the entire corporate network.   

Future-proofing 

Organisations must take this time to embrace a more strategic approach to security, rather than hanging onto a model that isn’t compatible with the cloud-first networks that remote work requires. Network architecture is no longer centralised on a physical campus, with a core data center into which users connect, and security practices need to reflect this. 

One effective way that IT teams can protect their network against shadow IoT threats is by increasing visibility. This is where DNS (Domain Name System) tracking comes in. DNS is a core network service, which means that it touches every device that connects to a company’s network and the wider internet. Because of this, it doesn’t rely on a device being authorised or known to the IT team. As a result, DNS has the power to see every connection point in the network, enabling IT and security teams to know exactly what each IoT device is doing at all times.  

To take it to the next level, businesses can merge DNS with DHCP (Dynamic Host Configuration Protocol), and IPAM (IP Address Management). This combination of modern technologies – known as DDI – can pinpoint threats at the earliest stages, identifying compromised machines and correlating disparate events related to the same device. DDI can also help teams automate the provisioning of security services to remote endpoints, removing the need to ship devices back and forth for on-site patching.   

As enterprises become more distributed and borderless, they need security to stretch across their entire infrastructure and protect users wherever they are located. Defending from the network edge will be critical in combating shadow IoT threats brought about by remote work and using modern technologies such as cloud-first DDI will enable organisations to stop and remediate attacks before they cross over from the home to the corporate network. 

To succeed, enterprise cybersecurity needs IoT scale

 960 640 Guest Post
By:
0
0

By Nigel Thompson, VP Product Marketing at BlackBerry

There are few things in cybersecurity that aren’t up for endless debate. Yet one thing that is universally agreed upon is that anything with an Internet address can and will be attacked. We’ve certainly witnessed this happening on a large scale with the proliferation of Internet of things (IoT) devices in recent years, and we’re likely to see the scale and complexity of these attacks escalate in the years ahead. And due to their newness on the security scene, IoT devices will cause large headaches for enterprise security during those years.

IoT, on the whole, remains a misunderstood risk. When many consider IoT security, what comes to mind first are usually “smart home” automation systems, such as thermostats, lights, doorbells, speakers, and other consumer devices. One concerning case last year saw cyber attackers take over a family’s smart home devices to blast music at loud volumes, talk to the couple through a camera in their kitchen, and crank their thermostat to 90 degrees. In cases like these, such attacks could arguably be considered more of a nuisance than a life-endangering event.

But once you step outside the home, a more profound and immediate danger lies in wait, in the form of industrial, or enterprise IoT. This IoT includes connected devices found in manufacturing, the food supply chain, healthcare, and building automation, among other verticals. Of course, security events involving consumer IoT devices are bad enough, but such attacks hitting enterprise systems and critical infrastructure can be devastating, or in the case of medical devices, life-threatening. For example, at a past DEF CON security conference, Jay Radcliffe, an ethical hacker and diabetic, demonstrated that it wasn’t that difficult to take remote control of an insulin pump and deliver a lethal dose to a patient.

According to a recently published report from research and consulting firm Frost and Sullivan, by 2025 there will be 67 billion new connected devices in the world, up from 24 billion in 2019. Enterprises in every industry need be prepared for that eventuality. Because the more Internet-connected devices come online, the larger the potential attack surface of the organisation. In the years ahead, that attack surface is going to continue to expand exponentially.

The Threats to Enterprise IoT Are Real

The threats due to enterprise IoT are significant and should not be underestimated. These connected devices generate an enormous amount of highly detailed data. Should this data be stolen, or its network flow disrupted through a denial of service attack or a targeted ransomware strike, the results could be highly destructive to business reputation and operational availability. Also, the data within supply chains that detail operational demands, production data and more will always have value to competitors.

IoT security is a challenge across verticals. According to Frost and Sullivan, the factory and industrial automation market will have nearly 10.8 million connected devices by 2025, while building automation will reach 30 million. Other verticals expecting substantial growth, according to the report, include connected cars and telematics, retail, healthcare and medical devices, and enterprise-issued and bring your own (BYO) devices.

“This will substantially increase the threat surface, which is reflected in the rapidly expanding threat landscape,” the firm wrote in their report. The total number of devices include recognisable endpoints, such as phones and tablets, as well as devices across nearly every other industry.

Of course, with these device deployments, there is great opportunity to improve operational efficiency, improve the lifecycle management of capital assets, provide real-time insight into the enterprise happenings, and engage with customers in new ways. But the security concerns are also real. The challenge is to manage the security risks so that these benefits can be realised, and the risks minimised.

Attain Control and Visibility Across All Endpoints

There are a number of steps that can be taken to ensure adequate IoT security. One step every organisation can take right away is to procure devices from manufacturers that develop their products with security in mind – baking security in from the ground up, rather than bolting it on afterwards. As part of that effort, organisations should make sure to have their security teams test any new hardware and software for security flaws and ensure the devices can be managed just like other endpoints.

Of course, while it would be ideal that all enterprise IoT devices ship securely and without flaws, that’s not going to be the reality. Design mistakes will be made over the course of bringing even the most secure devices to market, and most enterprises will similarly make deployment and configuration mistakes that create detrimental security ramifications. For instance, according to Frost and Sullivan, effective IoT security is complicated by how different business departments will independently choose to manage and secure their IoT devices in different ways. All organisations must be aware of this, and should prepare to effectively track, secure, and manage all newly connected devices across the enterprise in a uniform way.

One of the most important strategies to success will be not treating IoT devices as a discrete security challenge, but as part of the organisation’s overall endpoint security strategy. If security teams are to have the visibility and control they need, endpoint and IoT security management must be unified. That includes devices that run any operating system, such as Android™, Chrome™, Windows®, and macOS®. With fewer consoles, or ideally a single console, when managing all endpoints, security teams will have all the information they need to properly identify security threats and respond to potential breaches, and to more intelligently defend systems and data.

Enterprises can’t afford to wait long to centralise their IoT and endpoint security. The longer they wait, the harder it’s going to be to successfully consolidate, especially as IoT deployments accelerate and there are ever more devices on networks, for example, as a result of the explosion of remote working caused by the recent COVID-19 pandemic. Without a centralised console, decentralised information about security events — including attacks across domains — will be lost or overlooked, and teams will be forced to try to manually piece together their responses.

Here are a number of key attributes security teams should look for from their providers when consolidating IoT and endpoint security:

  • The ability to centrally manage users, data files, devices as well as apps
  • Compatibility with most leading endpoint operating systems
  • Ability to manage security configurations for things like access credentials
  • The ability to track usage patterns through comprehensive analytics
  • The ability to deploy across cloud and on-premises environments

The swift pace of IoT has created an issue of scale “where the size of the environment of endpoints, data, and threats is making the job of the CIO and CISO unmanageable,” as the Frost and Sullivan analysts put it. While that’s accurate, it doesn’t have to be true everywhere. By taking the necessary steps today to consolidate endpoint security solutions, enterprises can make certain that their security efforts reach IoT scale.

Meeting the Tests to get out of Data Lockdown

 960 640 Guest Post
By:
0
0

Digital transformation of any business has always been hampered by making sense of underlying data. And that data has been growing in volume at an unprecedented rate driven by the growth of IoT. It’s the perfect storm – the need for real-time information being increasingly distanced by the rate at which the data volume is growing. Businesses need insight, not just data, which means getting the right information, to the right person, at the right time. 

But the age-old problem remains today – how do you understand and see what data you have readily available, in a format that’s usable and that you can access at the right time? Peter Ruffley, CEO, Zizo, explores three aspects businesses must consider to get out of ‘data lockdown‘…

Data access 

There are a multitude of ways to store and access data, but a majority of businesses haven’t considered access to external data sources yet. When we begin to question how to enrich and improve data, one of the fundamental capabilities of this process is by integrating external third-party data sources, such as weather, crime or other open data sources. 

Businesses need to have an understanding of what they need to do to make the process worthwhile, and ensure they have the correct capabilities before they start. A common first approach for many organisations is to build from scratch and make it their own, rather than considering the buyer approaches where you look at what’s out there, explore the marketplace and transform existing data to use within the business, rather than starting from the ground up. 

If they can’t combine different sources of data quickly and cost-effectively together, they won’t move forward. It makes sense to digitally transform an organisation if it is going to make use of what’s already out there, as being able to tap in and share other work and insights will make the exercise worthwhile and cost-effective. With combinations of solutions available in the marketplace that can accelerate the process by providing the necessary building blocks, it’s time to transform the digital transformation process. 

Data responsibility 

There remains a disconnect between IT teams and businesses’ impressions about what it means to provide the data. If both parties are not aligned with the same aims of the business, the project could stall at the first hurdle. Instead, organisations need to bridge the divide and encourage stronger collaboration between all stakeholders. When businesses realise where those holes are in their structure, it’s key to get people involved to solve those challenges. 

This involves change on three levels; personnel, cultural and technological. Who’s responsible for this chain? Whose action is it? How do we bring these teams together? The business might be storing a lot of data, but how can it be accessed, interrogated and made useful? How will the business’ data goals be defined? 

Typically, the digital transformation initiative comes from the top in the organisation. In order to get your business on board, you have to make a very clear case of what the benefits are. Employees need to trust that improvements will be made for them by doing this, rather than just dictating the plan. Digital transformation is a change programme, which impacts all aspects of the business. You therefore have to approach it in the same way that you would approach any change project – with clear objectives and an agreed process of identifying how you’re going to get value from data. With a compelling case, you have a much better chance of carrying it through with buy in from all stakeholders. 

Data and objective identification:

You can’t embark on a digital transformation initiative without a concept – you’re condemning the project to failure if the business is not engaged properly with the process before you start. In order to yield business benefit from data, organisations must identify the areas that will realise the most benefits. Even if they’re hypothetical, there must be measurable ambitions in place or milestones for this journey, so that there is an understanding of what you’re going to do, and what you want to get out of it. Or if those ambitions weren’t achieved, why not? What steps need to be taken next time? 

Organisations have to be able to collect the data and assess whether they can achieve their business objectives from that data. But a goal of just ‘digital transformation’, ‘digitising data’ or ‘making more money’ will never translate into a concrete business case. Goals need to be specific and measurable in order to determine the project roadmap and for success to be evaluated. 

More importantly, you have to understand where the data is in your organisation and what it’s being used for, before you start the process of transformation. The whole supply chain needs to be aware of the transformation and the demands that are going to be in place. You’ve got to be very open about this process, because there will be people who you haven’t thought of that might be impacted by the changes you’re making.

With easy access, a connected team and clear objectives, companies can have a clear outline of what it is they set out to achieve in their digital transformation, how they expect to make this transition with the data available, and who can take on what role in this process. 

42% rise in companies reporting cyber attacks by foreign governments

 960 640 Stuart O'Brien
By:
0
0

In 2018, 19% of organisations believed they were attacked by a nation-state – That figure increased to 27% in 2019, with companies in North America the most likely to report nation-state attribution, at 36%.

That’s according to Radware’s 2019-2020 Global Application & Network Security Report, which found that more than one in four respondents attribute attacks against their organisation to cyber warfare or nation-state activity. 

“Nation-state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of potential zero-day exploits, and the patience to plan and execute operations,” said Anna Convery-Pelletier, Chief Marketing Officer at Radware. “These attacks can result in the loss of sensitive trade, technological, or other data, and security teams may be at a distinct disadvantage.”

Radware says the findings come at a time of heightened anxiety for security managers. Organisations are increasingly turning to microservices, serverless architectures, and a mix of multiple cloud environments. Two in five managers reported using a hybrid environment that included cloud and on-premises data centers, and two in five said they relied on more than one public cloud environment. However, only 10% of respondents felt that their data was more secure in public cloud environments.

As organisations adapt their network infrastructure to enjoy the benefits of these new paradigms (such as microservices and multi-cloud environments), they increase their attack surface and decrease the overall visibility into their traffic. For example, 22% of respondents don’t even know if they were attacked, 27% of those who were attacked don’t know the hacker’s motivations, 38% are not sure whether an Internet of Things (IoT) botnet hit their networks, and 46% are not sure if they suffered an encrypted DDoS attack. 

Convery-Pelletier added: “This report finds that security professionals feel as though the battlefield is shifting under their feet.  Companies are increasingly adding and relying upon new paradigms, like microservices, public and hybrid clouds, and IoT, which means the infrastructure is harder to monitor for attacks. These new technologies force a shift in security implementation into the development teams.  Security is often an afterthought as businesses march forward, and there is a misconception that ‘good enough’ is enough.”

In addition, the report also found:

The emergence of 5G networks. As the push for 5G grows, there exists an important opportunity to build security into networks at its foundations. Despite the increasing buzz around 5G networks, only 26% of carriers responded that they felt well prepared for 5G deployment, while another 32% stated that they were somewhat prepared.  

Be careful what you wish for in terms of IoT. 5G promises to advance organisations’ implementation of and the value they derive from IoT technologies, but that promise comes with a corresponding increase in the attack surface. When it comes to IoT connected devices, 44% of respondents said malware propagation was their top concern, while lack of visibility followed at 20% and Denial of Service at 20%.

Data loss is top concern. About 30% of businesses stated that data theft as a result of a breach was their top concern following an attack, down from 35% the previous year, followed by service outages at 23%.  Meanwhile, 33% said that financial gain is a leading motivation for attacks.

To read Radware’s ERT report, visit https://www.radware.com/ert-report-2020/

Nuvias appointed pan-EMEA distributor for Juniper Networks

 960 640 Stuart O'Brien
By:
0
0

Nuvias is now a pan-EMEA distributor for Juniper Networks’ full range of networking, security, data centre and cloud solutions. The firm will support Juniper’s continued growth plans for EMEA, particularly in the mid-to-high end enterprise market.

Alongside Juniper, Nuvias has designed a full channel partner development and acceleration programme that complements Juniper’s existing channel strategy. It will offer technical, sales and marketing training to help maximise the business opportunities in high growth markets such as cloud, Internet of Things (IoT) and Software Defined Networking (SDN) – areas where Juniper also invests.

“Nuvias is excited by this new partnership with Juniper, a pioneer in networking innovation, performance and security. The strength of our commitment will be demonstrated through a dedication to partner enablement, services and solutions that can generate new opportunities and business,” said Paul Eccleston, CEO of Nuvias.

“We are equipping partners with the necessary skills to pursue opportunities independently, generate additional revenues, and deliver innovative services to their customers. Juniper invests in partners that bring in new business and this agreement presents a fantastic opportunity for the channel.”

High-performance network automation, SDN and intelligent, software-defined security will play a key role in organisations’ Digital Transformation strategies.

“We are delighted to be working with Nuvias, whose strengths in value-added networking and security distribution perfectly complement our strategic focus and solutions portfolio,” said Kristian Kerr, head of channel, alliances & commercial, EMEA, Juniper Networks.

“Nuvias’ approach reflects the dynamic IT landscape, while being able to consistently deliver the highest levels of capability, accreditation, sales, marketing, services and operational excellence to Juniper’s partners across EMEA.”