It’s Cybersecurity Awareness Month, and we asked our in-house IoT security guru, Julian Durand, to help get the word out on the importance of device security. Julian is our Vice President, Product Management and Chief Information Security Officer at Intertrust.
1. What is IoT cybersecurity and why do we need it?
If you look at the big infamous hacks over the last 10 years, you will notice an alarmingly atrocious and threatening behavior from hackers. IoT devices get recruited into massive botnets that are powerful networked computers used to launch further attacks; or baby video monitors that hackers sell “movie passes” to view other people’s kids; or cars that are taken over by malicious actors – even while they’re in motion, carrying people inside. Cybersecurity protects us against all these hacks using a robust identity solution.
2. What are the biggest cybersecurity threats right now?
The cybersecurity threats of greatest concern are focused on critical infrastructure, particularly the energy sector. While Germany is actively transitioning away from dependency on Russia, three of their wind energy companies were attacked by Russian hackers. Hacking critical infrastructure such as oil and gas pipelines, electricity grids and even distributed energy resources has become the sole purpose of cyber armies in a hot shooting war in cyberspace. Cyberwar is waged on a daily basis on the internet, and our critical infrastructure is the target. This indeed is the greatest cybersecurity threat of our age!
3. What are some of the risks, vulnerabilities and threats involved in an IoT network?
There are many but to name a few important ones:
First, today’s IoT networks are optimized for cheap devices – not trust or safety.
There are dozens of protocols for wide, neighborhood, local and personal area networks that are primarily designed and implemented to address the challenges of sensor and actuator based “things” connected to the internet. While these networks are intended to be “secure”, that notion of security often takes a backseat to minimizing cost, power consumption and battery life, exposing themselves to attackers.
Next, there’s often inadequate security in the network protocols. While security protocols such as IPSec and TLS have been deployed as part of the IP networking stacks, they have fallen into disfavor due to their inadequacy to address the threat model – as demonstrated by almost daily examples of deeper and more widespread breaches and compromises.
Also, companies often forget about securing intermediaries. Hubs, routers, headends are good hunting grounds for middle men attacks.
We considered the spectacular growth of Mozi and other botnets through the IoT that not only operate at hyper scale, but have automated reconnaissance, vulnerability scanning, exploitation and ownership of these intermediate (and cheap) IoT machines in the IoT network. The Man In The Middle (MITM) attacks are very powerful attack vectors. Once a machine is compromised, all traffic through it can be viewed, modified, and traffic analysis can lead to generating a pipeline of new victims to continue this automated worming growth.
4. So, what’s the best way to prevent device identities from being compromised?
Deploying a robust identity management solution built on a proven Public Key Infrastructure paired with good hardware device security is the best way of preventing device compromise. No alternative to that!
5. Does Intertrust offer a solution to these device security challenges?
Yes! Intertrust PKI, or iPKI!! Over 75 billion IoT devices are projected to be online by 2025 and many of them are already harnessed into BotNets – taken over because of their bad security and poor implementation of PKI. Utilities, electricity equipment OEMs or gas pipelines must use a public key infrastructure (PKI) that will provide a secure backbone to their IoT network, such as Intertrust PKI. You can read this article to understand it better – https://www.intertrust.com/blog/what-is-pki/.
6. Any other tips or broad considerations you would like to share around cybersecurity?
Implementing good cybersecurity isn’t easy, but neither is it impossible. And it’s important to remember that protection, even if complicated, is much easier than trying to repair from a significant breach. The complication of cybersecurity can be minimized by working with experts. We’ve been doing this for over 30 years at Intertrust – give us a call, we’re here to help.