The internet of things (IoT) promises a connected ecosystem that offers convenience, improved productivity, and intelligent, data-driven devices and systems. Depending on who you talk to technical hurdles, implementation challenges or regulatory policies are the primary challenges for the IoT. As a cloud security vendor, our focus is data, platform, and apps security. Based on our experience with IoT security, we believe that securing the disparate pieces of the IoT ecosystem is critical.
The three main areas we focus on in IoT security are its devices, platform and API.
IoT devices are the most visible because of their wide adoption and large numbers. There are 22.9 billion connected devices currently and there will be 50 billion things in 2020 according to Statista. These devices are targeted for a number of reasons.
The “things” of the IoT are significantly under-protected as we recently saw with the Mirai botnet. Here, CCTVs, DVRs and routers were the primary devices used by the botnet herders to launch a massive attack. The reason a significant number of endpoints, appliances and similar devices are not protected against cyberattacks is because manufacturers didn’t design them to operate in a digital environment. The burden of keeping them updated with patches falls on the user. For example, certain smart devices may require users to download and mount updates on removable drives and then apply those updates manually.
As long as IoT vendors do not see security for their devices as a crucial component of their offerings, we will continue to see the IoT being exploited and used in cyber criminal activity. The good news is that IoT vendors are now becoming aware that the availability and integrity of their IoT platform and apps are crucial business requirements and that’s where Incapsula comes into play.
Securing the Platform
IoT devices, some of which are manufactured cheaply, are connected to the internet to operate. More connected devices give cybercriminals a large playing field to target. Many of these devices have unsecured signals, or broadcast their information across unsecured networks, allowing criminals to intercept the data and misuse it.
Lack of support and updates can be problematic for the IoT. As a smartphone owner, you’re notified whenever there is an update for any of your apps. You can also set your phone to auto-update apps in the background. However, this may be a challenge for IoT devices that don’t have automatic updates.
Consider a router’s firmware, for example. It’s uncommon that people update their router every six months or even annually. The lack of automatic updates and support make these devices vulnerable to hacker exploits.
Protecting the web app or the platform that communicates with the devices at the end points is critical. With customers relying on availability, data privacy and service integrity, platform security is indispensable for businesses.
There are several layers that need to be protected to prevent threat actors to intercept and misuse data in the IoT platforms.
- The IoT platform needs to be highly available so IoTs can connect and do what they are supposed to do. An unplanned downtime for medical device companies can be very disruptive and dangerous. What happens if your medical device cannot connect to the platform?
- The data exchanged between the IoT devices and the platform needs to be secure. Data and privacy breaches are getting more frequent as threat actors target personal data through attacks on web and mobile phone cameras and appliances.
- The apps need to be secured so no one can manipulate devices to do malicious things. Breaches in extreme situations in connected automobiles can include hackers taking over the control of a car by hacking into the geolocation app.
APIs are fundamental to building secure components of the IoT. A flexible API management system helps developers build apps and features for the devices. API management can protect against improper versioning and support for older things, help implement developer and device registration and security, and provide visibility into performance and analytics. With each IoT device having a unique set of requirements, APIs become the source for building a secure app.
At Incapsula we secure APIs by both protecting the platform used by the developers and the infrastructure the platform sits on. A web application firewall protects apps against application layer DDoS attacks. With a secure API platform, developers can build apps with confidence and follow the necessary checklist of best practices for building a secure app. Since app development will likely be unique in every organization, a WAF’s customizable security rules can be tuned to suit each specific solution allowing developers to build with confidence.
How Incapsula Secures the IoT
Incapsula helps IoT companies by protecting the platform devices communicate with and are controlled by. Incapsula shields IoT platforms from any kind of external threat that might impact availability, data integrity or control.
When Incapsula is deployed all the data exchanged between the IoT devices and the platform is routed through the global Incapsula network of data centers.
Here are a few examples of security threats on IoT platforms that Incapsula prevents:
Distributed denial of service (DDoS) attacks continue to be the biggest risk today with attacks taking down sites and making them unavailable. By blocking the most critical web application security risks, such as SQL injection, cross-site scripting, illegal resource access, remote file inclusion and other OWASP Top 10 threats, our solutions are effectively securing the IoT.
Incapsula Website Security secures the cloud platform for IoT devices by protecting the infrastructure it resides on. Incapsula is positioned in front of your servers and acts as the ISP, advertising all protected IP range announcements.
Customizable security rules, level 1 PCI-certification, low false positive alerts and crowdsourced threat information analyzed by our security team add extra layers of protection to an organization’s security portfolio.
Infrastructure protection for subnets and individual IPs prevents data from being compromised. All incoming network traffic is inspected and filtered, and only legitimate traffic is securely forwarded to the enterprise network via GRE tunneling.
Automation and bots
The threat of devices being infected by malware and becoming part of huge botnets is significant with the rise of the IoT. Incapsula bot classification checks all traffic and uses sophisticated technology and analysis to detect bot behavior, headers, and other signatures.
The IoT is becoming more complex and also an integral part of our lives. As it grows so do the number of threats targeting it. We will continue to expand our protection of IoT platforms and devices and look out for emerging trends and cyber threats and will keep you informed as they develop.