The¬†October 2016 Denial of Service attack on the popular DNS provider Dyn was one of the largest of its kind, and it caused a widespread blackout for many popular internet services and media outlets affecting millions of users. The ensuing investigation revealed that the attack was made possible by exploiting the vulnerabilities of thousands of IoT devices affected by malware.
From this attack, we can see that even devices that handle non-sensitive data can be hijacked and turned into a hacker‚Äôs weapon.¬† Such attacks underscore the urgent need for strong IoT security as connected devices pervade more of our daily lives.
IT security methods have evolved over many years to temper attacks against traditional IT architectures, but IoT introduces a whole lot of complex architectures, devices, and environments that are harder to model and secure using traditional methods. That is why IBM envisions a completely new way to secure IoT, by using a system that is contextual, cognitive and adaptive.
How IoT security differs from IT security
IoT solutions vary from traditional IT solutions because of the unique factors inherent in devices that are connected to the physical world: IoT devices are deployed in uncontrolled environment and connected through multiple types of networks. This type of architecture may leave many weak links that hackers can exploit. The variety and sheer number of connected devices compared to traditional IT devices is astounding which further compounds the challenges to security.
Security breaches of IoT systems can have dire consequences if they directly impact real world events such as plant operations, or medical services. With such consequences, security considerations for IoT solutions cannot be an after-thought, they have to be factored in all design decisions of IoT systems and their components.
Secure by design
The IT components of your IoT system must be fortified. Even at the early R&D phase, you can ensure that your IoT solutions can scale securely on a cloud and IoT platform that has strong security certification and powerful encryption. The ISO 27001 standard incorporates a process of scaling risk and valuation of assets, with the goal of safeguarding the confidentiality, integrity, and availability of information.
That is important because those are central systems that store and handle the streams of data coming from IoT devices.¬† Ensure that the same level of security is extend to all services and microservices of your solution.
Advanced IoT platforms such as the Watson IoT Platform not only support ISO 27001 but they also support the ability to configure and manage the security environment centrally. Setting Roles gives security analysts the ability to define the right access for different users, applications and gateways that make up the entire IoT solution.
However, even despite taking these measures, IoT solutions inherently have vulnerabilities that cannot be designed for in advance.
Security Intelligence for Cognitive IoT
New approaches are needed to detect and mitigate risks in IoT solutions. IBM envisions cognitive security intelligence as an agent that monitors and learns normal patterns of operation from any kind of information available. Such a security agent can learn and correlate data from multiple streams to form a contextual understanding that is difficult to hack. Machine learning of normal behavior can begin as early as the design phase and it can incorporate requirements, test data and provide ongoing operational insights about the system on an ongoing basis.
The secure framework for cognitive IoT that IBM has envisioned has three phases.
- Monitor and Distill: All available aspects of the environment of the security target are instrumented to construct a 360-degree view to assess the security posture
- Correlate and Predict: Examining the contextual observations to construct behavioral models
- Adapt and Preempt: Focus on a non-static, more agile methodology to counter evolving threats
The main goal of Security Intelligence is to detect attacks against an IoT environment where there are many vulnerabilities that can be exploited. A behavior-based detection technique is most useful to identify deviations from the normal operation of the system.
A recently published paper outlines in greater depth critical steps and techniques for Cognitive IoT security. Read the IBM POV on Cognitive IoT security for a more in-depth review of a secure framework for Cognitive IoT.
Experience the latest IoT Security capabilities and Participate in our¬†Beta
In a recent announcement IBM highlighted new advanced security features in the Watson IoT Platform. As these features are being delivered, we are committed to ensure their success through early interactions with clients.
We are running a Beta of our new Risk and Security Overview Dashboard that will provide visibility across the IoT landscape and create automatic operational responses. The Dashboard will help security administrators and operations personnel quickly understand the security posture of their IoT deployment against their policies.
This security beta¬†is running now,¬†and we are currently seeking clients and partners interested in working with us.
Your¬†feedback is a crucial component in our delivery of high quality products that meet your needs, so if you would like to participate and experience the latest IoT Security capabilities please sign up.
Find out how to participate¬†in the Security Beta.