IoT and the Expanding Threat Surface
The Internet of Things has the potential to be one of the biggest technological revolutions of recent times, enabling businesses to work smarter, faster and more profitably. However, for IoT to really gain adoption and attain its promise, one of the critical issues that still needs to be addressed is securing IoT and all the components that make it up. With billions of things or endpoints connected to the Internet, including everything from cars, homes, toasters, webcams, parking meters, wearables, factories, oil rigs, energy grids and heavy machinery, IoT suddenly opens up the threat surface exponentially, increasing vulnerabilities and creating millions of opportunities for malicious threats and attacks.
The recent DDoS attack highlights the alarming danger and risks associated with unsecured IoT devices and components. What we know is that the denial-of-service attack was carried out by using armies of unsecured Internet of Things consumer devices, including webcams, routers and video recorders, to flood the servers at Dynamic Network Services (Dyn) with bogus requests, which in turn led to the blockage of more than 1,200 websites. The attack was orchestrated using thousands of such devices that had been infected with malicious code to form a botnet army that sent malicious network traffic to their targets. In the aftermath of the attacks, one of the Chinese manufacturers has recalled up to 10,000 webcams that lacked proper security capabilities to effectively protect against threats. However, what is more disconcerting is that, according to experts, this is still a relatively small-scale attack, and they warned of more serious consequences from similar attacks in the future.
To learn more about the recent DDoS attacks, check out our earlier blog: Here is Why the Internet Shut Down
This should definitely serve as an eye-opener and a wake-up call for businesses and individuals to take firm action on security issues across IoT. In a recent survey released by IT security firm ESET and the National Cyber Security Alliance, about 40 percent of respondents in the US expressed no confidence in the safety, security, and privacy of connected devices. So IoT security issues will continue to hog the limelight until manufacturers start to seriously address security vulnerabilities, and organizations step up their cybersecurity measures internally to effectively detect and counter future threats. While there are many things one must consider to secure IoT (endpoint security, network security, etc.), one of the key pieces of the puzzle is figuring out how to leverage the massive amounts of data streaming off the devices to your advantage.
A Data Driven Approach to Preventing IoT Cyber attacks
Big Data can play a critical role in protecting an organization and its assets from these IoT-related cyber threats, and the future of fighting IoT cyber-crime will rely on leveraging data for cybersecurity purposes. According to a recent Forrester report on IoT Security, “IoT security means watching at least 10 times, if not 100 times, as many physical devices, connections, authentication, and data transfer events as today. Having strong security event data collection capabilities and the ability to intelligently sift through enormous data sets will be crucial to the security of IoT-enabled systems.”
Given all of this, there are two things organizations must think about when preparing themselves for this new era…
1. Rethink the Security Perimeter
Recent attacks that have leveraged IoT devices have highlighted the fact that the ‘security perimeter’ is now more conceptual than physical. The constantly evolving nature of our new hyperconnected world leads to constantly evolving threats as well. As the technical community continues to connect the world and drive innovations that improve home safety, improve medical care, and transform transportation, it’s clear the bad guys will seek to exploit those same innovations for nefarious gains. We need to rethink the security perimeter as the edges of the organizations continue to extend beyond the traditional boundaries we were once used to.
2. Threat Detection at IoT Scale
As the world continues to become hyperconnected, the number of security events that any one organization must store, access, and analyze grows significantly as well. Having a cybersecurity platform that can scale to trillions of events is key to ensuring comprehensive monitoring of all of the devices connecting to and accessing an enterprise’s network. Applying machine learning for anomaly detection will allow organizations to continue to detect suspicious endpoint behaviors without having analysts sift through the countless false positives produced by poor signature- and correlation-based rules. Pairing platform scale with machine intelligence will be the key to early detection of IoT-born advanced threats.
Why do we care about this at Cloudera?
Organizations leverage Cloudera’s Enterprise Data Hub (EDH), powered by Apache Hadoop, not only to analyze and derive value from all of the IoT sensor data that is generated, but also to drill into advanced security events and threats. Cloudera’s EDH for cybersecurity provides a modern, future-proof architecture that allows organizations to ingest, store, access, and analyze hundreds of billions of security events. Applying machine learning to data at scale allows enterprises to do anomaly detection to discover new and advanced attacks, including IoT-based attacks. By harnessing the platform, open source innovation, and partner ecosystem of applications built on Cloudera’s EDH, organizations can unlock new IoT value while protecting themselves against the risk of future threats.
To learn more about Cloudera for cybersecurity, visit: http://www.cloudera.com/solutions/cybersecurity.html
To learn more about Cloudera for IoT, visit: http://www.cloudera.com/solutions/iot.html