Tuesday, 21 February 2017 16:14

Three groups threaten IoT devices, says expert


Attacks on Internet of Things devices and infrastructures are likely to stem from three groups, with each having of cyber crime and motivated by its own goals, according to Simon Howe, director of sales for ANZ at LogRhythm, a leading security information and event management company.

"Companies are investing heavily in drones, planning to use them for anything from remote monitoring of assets to the delivery of products to end users," Howe told iTWire in an interview.

"Like driverless cars, smart grids, and smart homes that can be remotely controlled, IoT is an increasingly attractive target for criminals who could use them to create damage and disruption."

Howe said the first group that would attack IoT devices and infrastructure was organised crime: groups that operate globally and have become highly skilled in cyber crime. They have attacked everything from bank ATM networks and company IT systems to retail and government systems. The motivation was financial gain.


Howe said the second was state attackers, foreign governments intent on gaining a political or economic advantage. "There have been instances of government-sponsored attacks that have targeted vital infrastructure in other countries and this is likely to increase as IoT infrastructures grow. The motivation is knowledge and therefore power."

And he said the third was terrorist groups. These were an emerging threat, but were seeking ways to exploit vulnerabilities and cause disruption, panic and loss of life.

Howe said IoT represented a huge potential attack surface for cyber criminals, because of the vast number of connected devices and because many were developed with little attention paid to security.

"Many connected devices are small and basic, which means they don't have a lot of extra processing capacity or network bandwidth resources. They simply cannot support sophisticated security software on the device as is the case with computers or mobile handsets. Add the fact that they are spread across large areas with little hope of physical management and things become even trickier," he said.

But he pointed out that while these factors may make the IoT security challenge seem impossible, one should realise that these devices were still just computers. They lacked the capabilities of PCs but still had an operating system, a user interface and a network connection.

"The devices also produce streams of data, which can be particularly useful when trying to improve their security. There is significant potential to extract this data, analyse it remotely, and use the results to detect anomalous activity," Howe said.

"The techniques used here can be like those used in other areas of IT security. These include log management, network monitoring, forensics and endpoint monitoring, all of which are valid in an IoT world."

Howe said achieving effective IoT security meant connecting many security tools and streamlining and automating their function. This approach, dubbed Security Automation and Orchestration (SAO), ensures security can be scaled to cover hundreds of millions or even billions of connected devices.

"Rather than trying to install agents on every device, an SAO approach can allow traffic from each to be analysed automatically by tools. If there is any activity that deviates from an established baseline — let’s call it 'known good' — an alarm can be triggered that leads to further investigation by a human," he said.

"A standardised approach like this allows more efficient collaboration between teams and even different organisations. Details of threats identified in one area can be quickly shared with others to assist them with enhanced security."


Howe said that early detection and neutralisation of threats was critical to ensure security was maintained within IoT infrastructures. Organisations needed to ensure they could quickly respond to threats before damage or losses occurred.

"By taking a structured and thorough approach to security now, organisations can be confident their usage of IoT can deliver significant business benefits without causing any new potential areas for cyber criminals to target in the future," he said. 





Ray Shaw ray@im.com.au has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT-based radio program on ABC radio for 10 years, has developed world-leading software for the events industry and is smart enough to no longer own a retail computer store!


