10 months ago


Internet of Things

Internet of Things segmentation can too bolster security and prevent attacks such as DDOS, as an internal network structure can reduce data visibility from outsiders. "If attacks do occur, companies can consider using particular services such as incident response for IoT and embedded systems to determine how such incidents took place, the systems that were breached and the data that might be at risk. This can, in turn, provide the knowledge of how to prevent similar attacks from happening again," he adds. CONNECTED CARS Richard Stiennon, chief strategy officer at Blancco Technology Group and author of 'There will be Cyberwar', singles out what he calls the 'elephant on the road' when it comes to data vulnerability: connected cars. "Connected cars, and self-driving cars in particular, are bringing out much debate about the need for new legislation to protect users' data privacy. The issue really comes down to the size of the car market - buying, renting and self-driving. You have both car owners and renters syncing millions of data points - contact details, music apps, maps and more - from their smartphones directly onto the dashboards on the cars. "And when you move to driverless cars, the types and amounts of data stored increases significantly. Manufacturers and car rental companies need to sort out exactly when, where, and how all of that synced data is erased - and done so properly without the possibility of ever being recovered." RUSH TO PRODUCTION As John Smith, principal solutions architect for security, ExtraHop, states IoT is hot right now, and for good reason. "Business across multiple verticals see its potential to streamline and accelerate everything from production to payment processing, as well as tap into new sources of consumer demand. In the rush to capitalise on IoT's potential, however, many companies push IoT offerings to production too early, without critical baked-in security features. Without these, someone is going to get burned," he warns. Stolen identities, credit card fraud, and leaked insurance information or medical records are just the tip of the iceberg, Smith adds. "The damage runs deeper than initially meets the eye. Comparatively, IoT breaches in the infrastructure, manufacturing and healthcare sectors may not be as pervasive, but the possibilities are terrifying. The damage STUXNET caused to the Iranian nuclear program demonstrates the potential loss of life resulting from critical infrastructure impacts. A large-scale breach in a hospital setting could shutdown critical testing and diagnostic equipment, delaying patient care and impacting outcomes. These environments more closely resemble the Internet of Threats, not things." If we've learned anything from the STUXNET attack, he continues, not to mention the explosion of sophisticated IT security threats like ransomware, an IoT breach is inevitable. But while native IoT security catches up to the hype, there are things businesses can do to reduce their risk, he states, namely: Turn on the lights: "You can't manage what you can't see. This is even more true for IoT, a connected fabric of devices and systems that lack native auditing and accountability among one another. If you can't understand the interactions between these devices, you have no control. Monitoring and performance management technologies that leverage the network as a data source see all interactions between IoT devices and other systems. Look for offerings that are real-time, focusing on IT analytics, not packet capture." Turn on the lights, again: "Consumers can't be left in the dark either. They need to make themselves aware of the risks to their privacy when they opt into IoT-based devices. And businesses need to help them with clear warnings about the risks and simple steps to keep devices locked down." 50 Shades of Security: "IoT systems need to be standardised on what protocols and encryption levels are acceptable. While hacking a neighbour's Bluetooth-enabled speaker system is annoying, it has nowhere near the impact of an Iranian centrifuge spinning out of control or a hospital unable to perform diagnostic testing or administer life-saving treatments." DEFENCE PLANNING Roland Dobbins, principal engineer at Arbor Networks, believes that organisations can defend against DDoS attacks by implementing best current practices for DDoS defence, including "hardening their network infrastructure; ensuring complete visibility into all traffic moving through their networks; implementing sufficient DDoS mitigation capacity and capabilities - either on-premise or via cloud-based DDoS mitigation services, or both - and by having a DDoS defence plan that is kept updated and is rehearsed on a regular basis. "In particular, ISP and MSSP network operators should actively participate in the global operational community, so that they can render assistance when other network operators come under high-volume DDoS attacks, as well as request mitigation assistance as circumstances warrant," according to Dobbins. "Active, continuous cooperation between enterprise network operators, ISPs and MSSPs is the key to successful DDoS defence. It's also very important that, when measuring DDoS attack volumes, network operators take into account the baseline load of their normal Internet traffic, so as to neither underestimate nor overestimate the amount 28 computing security March/April 2017 @CSMagAndAwards

Internet of Things of attack traffic targeting their networks and customers." TIPPING THE BALANCE Finally, here are some best practices recommendations from Younus Aftab, VP Product, Pulse Secure: "Address all endpoint (IoT) activities on the network with a comprehensive visibility solution that collects context information of who, what, when, and where. "Identifying endpoints is the first stage, followed by the need for multi-functional enforcement capabilities to drive granular control. Given the complexities and creativeness of IoT threats along with APTs, IT administrators need better mouse traps, which continuously evolve beyond a single enforcement point offered by today's nextgeneration firewalls. "Automate and adjust policies and processes accordingly to meet the constantly evolving threats. Similar to the benefits of password management practices, the need to apply these updates to policies and processes is just as important to manage the risks of IoT," he advises. ALL-OUT IOT AT CEBIT Meanwhile, this year's CeBIT exhibition in Hannover, Germany (20-24 March), will take a look at current and emerging IoT applications with a line-up of showcases by big-name players, exclusive previews of both the latest research and a host of in-show events. "The opportunities awaiting companies prescient enough to adopt IoT in their organisations are immense, ranging from process optimisation and added value for existing products right though to access to new markets," claim the organisers, while adding: "As it happens, German companies have so far shown themselves to be somewhat restrained in their enthusiasm for IoT-based innovation, with two out of every three firms reporting that they have yet to get an IoT pilot project up and running. It's probably fair to say that, when it comes to the Internet of Things, many companies are still looking for the right strategy. And that is why CeBIT's extensive and multidisciplinary array of IoT solutions has been set up to deliver the opportunities to make valuable contacts with potential partners and customers. The show's home base for IoT-minded trade visitors is Hall 12, with its large-scale M2M/IoT Pavilion, where Italian-based global technology provider Eurotech is partnering with organisations like the OSGi Alliance, Red Hat and Oneserve to present IoT solutions for a wide range of industries. The solutions that will be on show are based on open industrial standards and are geared towards delivering long-term process improvement and realising new business models. German technology firm Device Insight will also be at CeBIT with an IoT platform that enables fully automated analysis of machine operating states. The data collected by the platform is displayed visually using web-based dashboards, enabling users to pinpoint at-risk parts and components before they fail. Telefónica Deutschland will be there, too - the first time in 10 years that the company has had a major display stand at the show. The technologies on display will include tailored solutions for business customers and new M2M products. The company's subsidiary Telefónica NEXT will also be there with a range of end-customer applications. Highlights include solutions for the fastgrowing advanced data analytics segment. Hall 12 is also to be the venue for the IoT Expert Conference, a platform for in-depth dialogue that is located right-next door to the hall's exhibition zone. Younus Aftab, Pulse Secure, offers some best practices recommendations. Alex Mathews, Positive Technologies: hard to believe all IoT manufacturers will tighten security standards just by themselves. @CSMagAndAwards March/April 2017 computing security 29