Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

IoT Security

Endpoint Security and the Internet of Things

Today’s growing attack surface is dominated by non-traditional endpoints.

In 2016, the Mirai Botnet hijacked over half a million DVRs and IP cameras, redirecting traffic from these endpoints to some of the internet’s largest brands and taking many services offline. To those in the security community, the attack wasn’t surprising; typically, affordable, commodity internet devices are poorly secured. One unintended consequence of their rapid adoption is expansion of the digital attack surface. We’re on the brink of hypervulnerability in the connected world—put there, in part, by an unwitting accomplice: the endpoint.

Today’s growing attack surface is dominated by non-traditional endpoints, ranging from something as innocuous as an internet-connected toy to something as critical as connected sensors controlling energy production in a nuclear plant. Emerging virtual endpoints, such as cloud microservices and containers that swarm by design, exacerbate the problem. According to Statista, by 2020, the number of connected devices in the internet of things (IoT) will grow to 31 billion. IoT includes embedded systems in retail, automotive, home automation and entertainment devices, as well as operational technology in the manufacturing and energy sectors. There are already proven hacks of these technologies, and as the population grows, it’s hard to imagine how any service pack program or standards body can keep up. As a result, IoT will likely contribute significantly to security vulnerabilities.

Securing the “thing” is not the answer; there will always be too many to manage. Consider an approach leveraging techniques society has used throughout history to protect a large, growing populace. We certainly didn’t tag every human to monitor for compliance (although it could be very lucrative for someone selling that snake oil!). Instead, observing and patrolling to increase visibility, coupled with analysis and tactical action when problems are spotted, have provided a pragmatic approach to reducing risks inherent in explosive endpoint growth.

In practice, breaking down the process into three parts tempers what could be an overwhelming task.

1. Focus on what you can see. Endpoints often have a control point, whether a physical gateway or router in a home or business, or a firewall or proxy at a network or cloud boundary. Get your visibility there and, when possible, control it ruthlessly.

2. Simple analytics is your friend. Non-traditional endpoints share an often overlooked characteristic: their behavior is predictable. Applying machine learning for baseline modeling is extremely effective to profile risk, detect anomalous behavior and stop it on a large scale.

3. Hire the best staff you can find, because we will never stop having to patrol, investigate and remediate—and with properly applied analytics you won’t need your army of employees to grow exponentially with the endpoint explosion.

Success comes down to laying a foundation of monitoring and control to reduce your risk exposure and applying intelligent techniques to the growing endpoint populace. Embrace it, because these technologies make our lives better.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

IoT Security

Vulnerabilities in electric vehicle charging management systems can be exploited for DoS attacks and to steal energy or sensitive information.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

Taiwan-based networking and storage solutions provider Synology has informed customers about the availability of patches for several critical vulnerabilities, including flaws likely exploited recently...

IoT Security

Chinese video surveillance company Hikvision has patched a critical vulnerability in some of its wireless bridge products. The flaw can lead to remote CCTV...

IoT Security

Censys finds 30,000 internet-exposed QNAP appliances that are likely affected by a recently disclosed critical code injection vulnerability.

IoT Security

Security researcher Matt Kunze says Google paid him a $107,500 bug bounty reward for responsibly reporting vulnerabilities in the Google Home Mini smart speaker.The...