Derek Manky, Global Security Strategist, Fortinet
The Internet of Things, also known as IoT, has delivered some exciting new developments, including light bulbs that change depending on your mood, wearable fitness devices that dial emergency services when you're having a heart attack, and refrigerators that can 'talk' with your smartphone.
They have been dubbed the 'devices of the future', networked together and uplinked to a cloud where you can access the information from anywhere in the world. Even when you are away from home, you can be plugged in to everything that's important to you at home. It's a futurist's dream, but also a security nightmare.
Derek Manky, Global Security Strategist at Fortinet, who was in Singapore for the recent Govware 2014, shares his insights on the IoT phenomenon, including trends, opportunities, as well as common security loopholes. He also shares some recommendations for both industry players and policymakers on mitigating such risks.
What are some emerging trends and opportunities revolving around the Internet of Things (IoT)?
Android threats have been the most prominent thus far. We have seen ransomware threats and mobile botnets attack mobile devices, and the emergence of Havex (industrial control attack) this year.
We have observed and researched Havex in our labs. It is a piece of malware that is custom-coded to blueprint SCADA networks and hardware, and this information is then sent back to the attacker. We are definitely expecting to see more of such malware down the road.
In terms of vulnerability and attack, Heartbleed and Shellshock are the two best references in terms of attack opportunities. These are vulnerabilities that affect a widely deployed base, including many IoT devices. In fact, when Heartbleed first came out, we saw 90 percent of attack activity (in terms of volume) occur in the first two weeks out of six months.
Another trend is that as these IoT vulnerabilities are still fresh, attackers are capitalising on this opportunity and launching attacks quite rapidly.
The 'attack surface' is much larger as more and more applications are being developed. What are the security implications of this, and how can we work towards mitigating these risks?
To sum it up in a word: fragmentation. With a larger attack surface, it becomes much more fragmented in terms of endpoint security and management. It is tough to try to have an antivirus control process running on all of your IoT devices - it's likely that one doesn't even exist. Therefore, network-based inspection for IoT will become crucial as we move forward.
I emphasized network-based inspection since threats are bound to expand to more and more platforms (or attack surfaces) such as routers, network-attached devices and printers. It is not practical to have an endpoint solution for all of these devices - for instance, antivirus on your printer.