By Paul Hirsch, Senior Technology Strategist
Did you know that there are already more networked devices than people? Did you know that it is projected that by 2020 there will be eight times more networked devices than people? IoT is a HUGE market! Wait, soooooo…. what IS IoT? As with cloud, IoT represents a lot of really useful technologies grouped with a comically vague buzzword. Examples of devices in the IoT category include:
- Your Internet-connected printer
- Your Internet-connected game console or video streaming device
- Your Internet-connected thermostat
- Your Internet-connected security camera
- Your Internet-connected baby monitor
- Your Internet-connected car
- Your Internet-connected Internet connection device
- Your Internet-connected house robot “Jerry”
- All Internet-connected devices produced by Cyberdyne Systems, which will gain consciousness on August 29th, 1997 at 2:14 a.m. ET (*They are running a bit behind schedule, but you will know when it happens ’cause Jerry will be a real jerk)
Can you spot the subtle common thread? Yes: “Internet” (“Cloud” is implied as well, since many of these connect to a cloud service.) With great connectivity comes great responsibility, but many IoT products have fallen into the same traps that servers, PCs, and smartphones have before them. Some of the problems are built in by the manufacturers, but others are caused by customers. Recognize any of these classics?
- “I depend on THING for my very existence, so I bought the cheapest WiFi access point I could find, used an Ethernet hub I fished out of a dumpster, and connected everything with Cat1D.” (D is for duct tape)
- “The security of THING is critical, so I didn’t change the default password. Also, what is a ‘Firewall’?”
- “I care about being a good Internet citizen, so I have never and will never update the software on THING.”
- “THING makes me complete and has lights and stuff. I will sell my arm for a new THING. I will not spend a dime on a UPS to keep THING from being fried by lightning.”
Sounds like the same list when dealing with computers, right? That is because IoT devices are just computers. They usually run a Linux derivative or one of a handful of commercial real-time operating systems. On that base they add some custom software, sometimes written with little thought given to safe programming practice or basic information security. Then they spit out thousands of them to sit on unprotected networks, never get updated, and generally be neglected. In some cases they are politely asked (using default usernames and passwords) to join a botnet, later being used to help carry out massive DDoS (Distributed Denial of Service) attacks like the multiple record-setting DDoS attacks carried out in recent months by cameras controlled by the Mirai botnet.
The truth is that IoT in a business setting needs all the same things anything connected to the Internet needs: a well-designed, secure, reliable, monitored, and managed network built to meet current and future needs. Firewalls, switches, wireless, cabling and infrastructure, power and cooling, physical security, network design, cloud services, and managed services must be considered for every IoT deployment.
IoT devices are computers and must be taken just as seriously. Let that thought be your guide with whatever types of T you want to connect to the I.
Don’t Be Fooled By Undercover Malware: Watch Out For Ghostware, Two-faced Malware and Compressed Files
The costs of data breaches can be staggering. Consider the breach at Anthem last year that cost the health insurer $100 million. Target topped that loss a year earlier with a breach that exceeded $162 million. With stakes this high, it’s more cost-effective for companies to prevent intrusions than to deal with the consequences, and many are increasing spending on cybersecurity.
But with the expanding number of attack surfaces and growing tenacity and creativity of cyber criminals, it’s become more difficult for organizations to keep the upper hand. This is especially true in the fight against malware. As malware detection tools improve, malware authors find new ways to create malicious code that conceals signs of compromise or avoids detection by security sandboxes and scanning technologies. Among the most dangerous malware threats to beware of in 2016 are ghostware, two-faced malware and malware hidden in compressed files. Here’s what you need to know about each of them.
Security monitoring software is constantly searching for signs of abnormal behavior, and most of today’s intrusions eventually catch a security administrator’s attention. Ghostware tries to get around this by wiping out evidence of malware’s activity, leaving no records behind to alert an organization that it’s been breached. Organizations that do figure out they were breached often can’t tell which data was compromised or who was behind the attack. Other dangerous software takes the opposite tack, like blastware, which instead of erasing all traces to avoid discovery, wipes out entire servers if it recognizes it was detected. All too often, the consequences for victims include the high costs of data loss and operational downtime.
Some malware—like two-faced malware, for example—plays innocent before revealing its true colors. Written to register as safe when evaluated by threat intelligence programs, two-faced malware recognizes when it’s in a sandbox, and performs its malicious action after the sandbox grants it access to the network. Even worse, once a sandbox rates two-faced malware as benign, future enhanced versions of that malware may not be examined in the sandbox at all.
File compression is necessary to reduce file sizes for efficient transmission, but malware finds compressed files to be convenient hiding places. Some security software can scan only ZIP files, not other compressed formats. These compression techniques often prevent suspicious files from being recognized by the scan. Compressed archives can also contain multiple files that individually aren’t dangerous but, taken together, are malicious. Fortinet’s “Test Your Metal” tool lets you test your network security software to see how well it handles malware in a compressed file.
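To make the scanning gap described above visible, here is an added example (not from the original post and unrelated to Fortinet's tool) of a pre-scan triage step that identifies containers by magic bytes instead of file extension, unpacks nested ZIP, gzip and tar layers, and reports everything it could not open. The function names, the depth and size limits, and the sample archive are assumptions made for illustration.

```python
import gzip, io, tarfile, zipfile

MAX_DEPTH, MAX_BYTES = 4, 50 * 1024 * 1024  # assumed policy limits
# Containers recognized by magic bytes that Python's standard library cannot open.
OPAQUE = {b"7z\xbc\xaf\x27\x1c": "7z", b"Rar!\x1a\x07": "rar"}

def walk(data, path="input", depth=0):
    """Yield (path, status, payload); only status 'leaf' reaches the scanner."""
    fmt = next((f for m, f in OPAQUE.items() if data.startswith(m)), None)
    if depth > MAX_DEPTH or len(data) > MAX_BYTES:
        yield path, "unscanned: depth or size limit exceeded", None
    elif fmt:
        yield path, f"unscanned: {fmt} not supported", None
    elif data.startswith(b"PK\x03\x04"):  # ZIP local file header
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in (i for i in zf.infolist() if not i.is_dir()):
                member = f"{path}!{info.filename}"
                if info.flag_bits & 0x1 or info.file_size > MAX_BYTES:
                    yield member, "unscanned: encrypted or oversized member", None
                else:
                    yield from walk(zf.read(info), member, depth + 1)
    elif data.startswith(b"\x1f\x8b"):  # gzip
        with gzip.GzipFile(fileobj=io.BytesIO(data)) as gz:
            inner = gz.read(MAX_BYTES + 1)  # bounded read; oversize flagged on recursion
        yield from walk(inner, path + "!gunzip", depth + 1)
    elif data[257:262] == b"ustar":  # tar header magic
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
            for m in (m for m in tf.getmembers() if m.isfile()):
                yield from walk(tf.extractfile(m).read(), f"{path}!{m.name}", depth + 1)
    else:
        yield path, "leaf", data

def triage(data):
    """Return (leaves, gaps): scanner-ready payloads and content to fail closed on."""
    results = list(walk(data))
    leaves = {p: b for p, s, b in results if s == "leaf"}
    gaps = {p: s for p, s, b in results if s != "leaf"}
    return leaves, gaps

def build_sample():
    """Constructed sample: tar.gz -> zip -> text file plus a blob with a 7z header."""
    zbuf, tbuf = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(zbuf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("readme.txt", "harmless text")
        zf.writestr("inner.7z", b"7z\xbc\xaf\x27\x1c" + b"\x00" * 16)
    with tarfile.open(fileobj=tbuf, mode="w:gz") as tf:
        ti = tarfile.TarInfo("docs/bundle.zip")
        ti.size = len(zbuf.getvalue())
        tf.addfile(ti, io.BytesIO(zbuf.getvalue()))
    return tbuf.getvalue()
```

A non-empty `gaps` result means part of the file was never inspected, so a mail or web gateway should quarantine it instead of passing it as clean; parse errors raised on corrupt containers deserve the same treatment.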
So, what can you do?
Get ahead of the threats. Experts think more malware will use these techniques this year, so it’s important to get your defenses in place now. Start with assessing your environment to identify the specific risks you face, and work with experts to deploy effective technologies to protect you against current and upcoming threats. Learn more about how Citon specialists can help.
A survey conducted by Opinion Matters indicates C-level enterprise executives are slow to accept Chief Information Security Officers as key corporate decision makers.
Of the roughly 300 C-level executives surveyed, 74 percent indicated they did not feel CISOs deserved a spot at the decision making table. At the same time, 44 percent indicated CISOs are to blame for network security compromises.
The report highlights the struggle companies are facing in the new world of cyber crime. While the cost of attacks is increasing significantly, companies are still evolving in their approach to the issue. The Opinion Matters survey showed that “61 percent of executives do not feel their CISO would be successful in a leadership position outside of information security.”
That leaves companies — executives and CISOs alike — in an interesting position. As noted by the survey’s conclusion, the role of security officers no longer solely relates to network infrastructure — instead, the focus is shifting to the business health of an organization.
“They (CISOs) must realize that as members of an enterprise’s senior leadership team, they have to demonstrate value beyond information security by aligning cybersecurity strategy with business goals — enabling the organization to succeed and reach its strategic objectives,” the conclusion states.
Want to have a chat about network security and what it means for your company or organization? Call Jon Heyesen, Citon’s Director of Business Development, at 218.720.4435 or email him at email@example.com.