Cybersecurity in the era of connected devices
Cybersecurity in the era of connected devices
The world of technology has advanced exponentially since the development of the first microcontroller. The compute units have evolved from the size of football fields to that of a grain. The cliché that now a processor the size of a few millimeters has more processing power than the computer used to take humans to the moon, is not an exaggeration. However, with these advancements, the power wielded by cybercriminals has also increased proportionally.
While most companies are now taking cybersecurity seriously, they are far behind in the actual adoption of cybersecurity products. They lack awareness about different attack vectors (i.e. weak points in their network). Further, the cybercriminals are adapting new technologies for attacks at a much faster pace. One of the new entry points for hackers is IoT devices.
With growth in technology, miniaturization of everything, and widespread adoption of the internet came a new breed of devices — the Internet of Things (IoT). The connected devices that started as an industrial product used by big manufacturers are now they everywhere around us. From the cars we drive to consumer appliances we use in our homes to even the smart watches we use, the IoT devices are everywhere. As they increasingly become part of our daily lives, it is easy to forget that they are equally vulnerable to attacks as the computers we use. Some of us even forgot that the mobile devices we carry are wide open to attacks from cybercriminals.
The damage a malicious actor can inflict with these devices is far and wide, from shutting down nuclear power plants to stopping somebody’s heart, from listening in on your private conversations to start and stop your car remotely, so on and so forth.
On the industrial side, as organizations move from human-to-human processes to machine-to-human and now to machine-to-machine processes, the integrity of data coming from IoT and machine sensors becomes much more critical. Any tampering of data can cause the organization to lose millions of dollars. Connecting the IoT devices with relatively weak authentication on to internal network can compromise entire enterprise network.
IoT devices often use third-party, open-source components from undisclosed or undocumented sources resulting in a firmware that is a vulnerable attack surface, which hackers find irresistible.
So how do we protect these devices? Well, the answer is also technology. The way a cybercriminal uses latest technologies to infiltrate and damage the systems, we can use the same technology advancements to defend and fortify the networks.
However, protecting the IoT devices is not as straightforward as installing an anti-virus in the system. The IoT devices are much more complex due to primarily because of lack of standardization in operating procedures, protocols and components etc. Further, most of the IoT devices are based on low power systems.
The security in the IoT space is broadly divided into two main areas.
- Device security — Protecting the IoT device, and its cloud provider from outside attacks.
2. Network security — Protecting the customer / enterprise network that these IoT devices operate on.
Each OEM wants to deliver a robust IoT device or sensor so that the threat of a cybercriminal attacking the device or sensor to compromise its data integrity or even alter its behavior is minimized. Governments are now mandating that OEMs operating in industries such as healthcare devices, automobiles, security devices, etc., perform security audits on the devices at regular intervals and release firmware update patches for any identified vulnerabilities. The focus is to implement strong security protocols starting with industries where the devices are dealing directly with human life.
The OEM has to assess the potential threats to both the hardware and software system to ensure that the data is not compromised in any way. Tamper-proofing the device to ensure that it is not susceptible to any physical attack is a major challenge.
With the growing need for IoT device security, many new startups have emerged providing solutions ranging from generic SaaS solutions to highly customized services. However, the biggest challenge for them is to connect and work with large enterprise OEMs. The large OEMs prefer working with established and reputed vendors for cybersecurity solutions. Further, considering the specialized use cases, the potential markets for these startups become limited.
Some of the device security companies and the solutions they provide are
· Praetorian — based in US, provides IoT product security evaluations and certifications, and helps in setting up security standards for the industry.
· Redwall Technologies — based in US; provides firmware security solutions for medical devices, wearables, industrial IoT devices, connected vehicles, etc.
· Nanolock Securit — based in Israel; provides security solutions for device level persistent attacks, flash to cloud solutions to secure IOT and connected edge devices and dashboard for device level visibility and forensic data.
· 3i Technology Solutions — based in India; provides a SaaS-based security solution, 3i IoT Defender, which leverages machine learning to identify, classify, and profile individual personalities, assess risk, and enforce trusted behaviors for industrial IoT devices.
· Amynasec — based in India; provides research oriented security evaluations and vulnerability testing.
Being low power devices with considerably less processing capabilities and clock speed available, most of the OEMs are moving from implementing the security solutions on the edge device to the cloud. While these solutions are easier to implement, it makes the devices vulnerable to network attacks. Thus, the OEM has to monitor the network activity (Bluetooth, WiFi, 4G, etc.) of the device to a make sure that the data is not compromised in any way.
Unlike device security, the responsibility to secure the network rests with the enterprise operating the IoT devices. An attacker’s goal usually is to use an IoT device as the weakest link and then open a channel in the enterprise’s internal network.
Implementing network-level solutions is more accessible than implementing device security as the processing power of the device is not affected. Further, expanding the existing traditional network security measure can protect against attacks on the IoT devices. As a starting point, a traditional IDP (intrusion detection system) or a basic network firewall can be extended or re-programmed to identify and prevent such attacks.
With a large market ranging from large scale enterprises to small and medium enterprises to even the end consumers, the network security tools has seen many startups mushrooming in the past few years. Some of the traditional network security companies have also developed new products to address the specific concerns for connected devices.
Many of these solutions use AI for pattern matching or anomaly detection algorithms to identify any malicious data coming in.
Some of the network security products addressing the IOT devices are
· Bitdefender Box — based in Romania; Bitdefender is a traditional network security company which has launched the new Bitdefender Box product to specifically address security of connected devices.
· Palo Alto Networks — based in US; provides a next-generation firewall (NGFW), endpoint protection, threat intelligence, and a cloud-based security solution to the organizations.
· Lazarus Networks — based in India; provides cloud-based cybersecurity solutions. Some of the products uses AI and blockchain to identify the network threats.
What is the future?
The use of IoT in our lives has increased manifold resulting in a large growing market for connected devices. According to some estimates, the market is expected to increase from 15.4 billion devices in 2015 to 125 billion in 2030. As the IoT market booms, the IoT security market will grow, giving multiple companies a chance to evolve and address new age security issues. As the customers become conversant with evolving technologies, they want more dynamic solutions that can address the growing risks from sophisticated attackers.
Because of the ever-evolving technologies and solutions, cybersecurity sector has been attracting attention from investors in the past decade and will continue to do so.
Recently, Perigee, a Boston based startup to secure the HVAC and elevator systems of buildings, raised USD 1.5 million in a seed round to start product development. Another provider of vulnerability assessment solution for IoT devices based in Israel, Vdoo, raised USD 57 million in its Series B funding round.
CYE, C2A Security, Securithings, Medigate, etc. are some of the companies operating in Security of IoT devices and have gone on to raise funding in Series A+ rounds.
Along with funding, we also see some prominent acquisitions in the market. Insight Partners acquired Armis for the valuation of USD 1.1 billion along with the participation from CapitalG for USD 100 million. At a valuation of USD 1 billion, F5 acquired Shape Security, a California based company selling fraud prevention platforms to retailers, airlines, banks and government agencies.
The growing global activity on IoT securities market, has also resulted in the rise of companies like SecureThings and Amynasec providing IoT based solutions in India.
Over the years, cyberattacks have grown at a rate of 16%, thus providing a strong platform for growth to companies promising to secure system from such attacks and opportunity to increasingly provide innovative solutions.