Sunday, 30 December 2018

The Internet of Things is still vulnerable in 2019

Source: Hillstone Networks. Liu.
The 'wild west' nature of the Internet of Things (IoT), coupled with the potential prize of more sensitive information, is likely to draw cybercriminals like a magnet.

Tim Liu, CTO, Hillstone Networks summarised the situation. “Traditionally, security in the IoT space has been lacking due to various reasons such as the myriad of vendors and proprietary protocols. This includes lack of security awareness and focus, as well as the lack of end user interaction with the devices – all of which result in fewer chances of detecting possible breaches,” he said.

“We have seen specific security solutions that target segments of the IoT market, such as security for smart cars and camera networks. This market will grow in 2019. Elsewhere, we will see IoT adoption enterprise-wide in the next few years; compliance requirements and data protection requirements will drive IoT security in those areas.”

Source: Malwarebytes. Hurmuses.
The attacks will come thick and fast for the Internet of Things (IoT) because there is easy money to be made, said Malwarebytes. Jeff Hurmuses, Area VP and MD, Asia Pacific, Malwarebytes said, “Over the next few years we will see how threat actors turn their efforts to businesses and networks with thousands of end points, to generate a greater return on investment (ROI).”

One of the likeliest scenarios is hijacking IoT devices for cryptomining, ESET said. According to the security firm, an increase in the adoption of cryptocurrencies, as well as a rise in the number of devices connected to the Internet, is the perfect recipe for attackers to build cryptomining farms with smart devices and home assistants as their entry point for 2019.

“Cyberattacks specifically designed to attack IoT devices, such as automated scripts that exploit vulnerabilities in connected devices or processes that are designed to take control of them, will become more frequent,” the company predicted.

Source: Symantec. Steve Trilling.
5G expands IoT attack surface

With 5G, the already large attack surface afforded by the IoT will soon become much larger. Hugh Thompson, Symantec CTO and Steve Trilling, Senior VP and GM Security Analytics and Research at Symantec noted that an expected rapid adoption of 5G “will catalyse new operational models, new architectures, and consequently, new vulnerabilities”.

“Over time, more 5G IoT devices will connect directly to the 5G network rather than via a Wi-Fi router. This trend will make those devices more vulnerable to direct attack. For home users, it will also make it more difficult to monitor all IoT devices since they bypass a central router. More broadly, the ability to back-up or transmit massive volumes of data easily to cloud-based storage will give attackers rich new targets to breach,” they said.

Source: Juniper Networks. Laurence Pitt.
Laurence Pitt, Global Security Strategy Director, Juniper Networks and Mounir Hahad, Head of Juniper Threat Labs, Juniper Networks, also identified the vulnerabilities that 5G brings. “Regardless of the purpose of the device, any device connected to 5G has the potential to become a target for hackers – even if it runs on a secured 5G network, it is still a wireless device and therefore available as a target for a breach. The growth of 5G means that the industry needs to be considering how to have an effective security posture and a solid foundation of security before these new networks are deployed,” they warned.

Data in transit at risk

In addition to being used for denial of service attacks, Thompson and Trilling said the data passing through home routers and other IoT hubs will be of interest to cybercriminals. “Malware inserted into such a router could, for example, steal banking credentials, capture credit card numbers, or display spoofed, malicious web pages to the user to compromise confidential information. Such sensitive data tends to be better secured when it is at rest today.

“For example, e-commerce merchants do not store credit card CVV numbers, making it more difficult for attackers to steal credit cards from e-commerce databases. Attackers will undoubtedly continue to evolve their techniques to steal consumer data when it is in transit,” they said.

Source: Synopsys.  Olli Jarva.
Cities under attack

Several vendors noted that cybercriminals are now targeting critical infrastructure as well.

In Trend Micro's Mapping the Future: Dealing with Pervasive and Persistent Threats report, the company predicts that countries learning and exercising their cyber capabilities will conduct attacks against smaller players’ critical infrastructure. “They will do so to gain political or military advantage, or to test out capabilities against countries that do not yet have the capacity to retaliate,” explained Nilesh Jain, VP, SEA and India, Trend Micro.

Said Andrew Tsonchev, Director, Darktrace Industrial: "As cyberthreats become faster and more sophisticated, and with increased interconnectivity in organisations, traditional defenses that surround critical infrastructure are failing to keep out modern attackers. Rather than stealing data to make a quick buck, hackers can leverage on technology in interconnected environments to turn off the lights, disrupt transport systems, and ultimately threaten public safety.

Source: Darktrace. Andrew Tsonchev.
"As geopolitical tensions begin to be played out in cyberspace, nation states will continue to be on high alert [in 2019] to protect their energy grids, manufacturing plants and airports from cyberattack."

“Hackers who have traditionally targeted IT systems are now starting to attack operational infrastructure of companies. According to a recent study by Cisco, 30% of companies across Asia-Pacific, Japan and China have already had an attack on their operational infrastructure, while 50% expect such an attack to take place in the future. This has huge implications for companies,” said Stephen Dane, MD, Global Security Sales Organization, APJC, Cisco.

“To be able to better protect themselves, companies need to ensure that their security posture has three key elements: visibility, segmentation and threat protection.

Source: Cisco. Stephen Dane.
"The first enables them to see everything with complete visibility of users, devices, networks, applications, workloads and processes. The second reduces the attack surface by preventing attackers from moving laterally east-west within a network even if they break in via a weak link. The last helps to stop the breach by quickly detecting, blocking and responding to attacks before hackers can disrupt operations.”

Data integrity under attack

Cybercriminals could also disrupt things by undermining the public’s trust in the digital data held by the organisations it depends on. "They will do this by, instead of simply exfiltrating data, subtly changing it. These attacks would be stealthy, like a piece of code that turns on for 15 seconds a month and alters various data points,” Tsonchev said.

"It would take weeks or months for an organisation to identify that, if they did at all, at which point all the actions that depend on the initial data being correct would be similarly spoiled. Should this happen in a critical sector, like blood type data in hospitals, the consequences would be to undermine the public’s trust in its nation’s competency to provide dependable services."

“In the Asia Pacific region (APAC), many countries are moving forward with smart city and Smart Nation initiatives. This opens the opportunities for a new wave of IoT cyberattacks. Attacks could be approached from a data poisoning perspective in which faulty information is intended to influence organisational decision making through the sensors deployed within the target city or nationwide,” agreed Olli Jarva, Managing Consultant at Synopsys.

Source: Symantec. Hugh Thompson.
Thompson and Trilling said poorly-secured IoT devices will continue to be used to create denial of service attacks, as well as for other harmful purposes. “Among the most troubling will be attacks against IoT devices that bridge the digital and physical worlds. Some of these IoT-enabled objects are kinetic, such as cars and other vehicles, while others control critical systems.

"We expect to see growing numbers of attacks against IoT devices that control critical infrastructure such as power distribution and communications networks. And as home-based IoT devices become more ubiquitous, there will likely be future attempts to weaponise them,” they said.

Beware of IoT at home

Enterprises will also be attacked via employees’ Internet-connected home devices, said Jain. “We will see a few targeted attack scenarios in 2019 that will make use of smart speaker weaknesses to access enterprise networks through employees’ home networks,” he predicted.

Source: Trend Micro. Nilesh Jain.
McAfee experts think mobile malware will be how cyberattacks will be mounted on home devices. “New mobile malware will likely investigate smartphones, tablets, and routers to gain access to the digital assistants and home IoT devices they control. Once infected, these devices can serve as a picklock to consumer homes while supplying botnets, which can launch DDoS attacks or grant cybercriminal access to personal data and the opportunity for other malicious activities such as opening doors and connecting to control servers,” said thought leaders from McAfee Labs, McAfee Advanced Threat Research, and members of McAfee’s Office of the CTO.

IT/OT convergence

Source: Fortinet. Peter Newton.
Peter Newton, Senior Director of Product Marketing, Fortinet, said that the results of a commissioned study conducted by Forrester Consulting on behalf of Fortinet in January 2018 had been illuminating when it comes to converging operating technology (OT) and information technology (IT).

"What we learned is that nearly all companies have already begun at least a basic convergence of OT and IT. As these organisations begin to actively converge these environments, however, they are encountering issues related to integration and security that they may not be equipped to handle. IT teams have a tendency to just want to throw security technology at the network and call it good. But these networks can be very different, and what works well in one environment can have devastating consequences in the other," he said.

"Changing out that technology may not be as simple as it sounds and every minute of down time costs money. But at the same time, there are increasing business cases to be made to tie these systems to the larger network... But that means connecting these systems to an open IT environment, thereby exposing that portion of your organisation to new forms of cyberattack it was never designed to detect and defend against."

The issue is magnified when 56% of organisations outsource at least some part of their SCADA/ICS* infrastructure and security, and grant outside parties complete or high-level access. "This is also why over three-fourths of respondents plan to increase SCADA/ICS security spending in the next year more than in other areas," Newton added.

“The first place to start is by choosing a security vendor that specifically addresses the cybersecurity, safety, and reliability challenges being faced by the OT industry. Not all security solutions are the same, especially when it comes to securing OT. You need a vendor that offers a full range of specialized tools and protocols designed for OT environments, and that has established strategic partnerships with the industry’s leading OT security specialists. And these solutions need to be field tested and proven. Unlike IT environments, OT systems and devices cannot afford to be taken offline by an inappropriate security solution,” recommended Newton.

He also said that OT security solutions must be easily integrated into a central security platform that spans the larger network, and also flexible enough to accommodate solutions from many other partners.

Tsonchev stressed that action is needed to prevent attacks from doing harm once discovered. "Organisations need to shift their focus from post-breach response to early detection, which will generate a far more positive outcome for their organisation and their stakeholders," he said.

"The only way to combat stealthy attacks will be for organisations to embrace new technologies, like artificial intelligence (AI). AI that detects and responds to emerging dangers wherever it originates, will enable organisations to regain control of their networks and prevent early-stage threats from escalating into full-blown crises."

Explore:

Browse the full list of 2018 round-ups and 2019 predictions in TechTrade Asia

DigiCert found that companies struggling with IoT implementations could lose US$34 million or more from IoT-related security breaches.

Read the Keysight 2018 State of 5G report (PDF)

*SCADA/ICS stands for supervisory control and data acquisition/industrial control systems, part of the OT side of the equation.
