By Alan Zeichick, IDG Contributor Network, Published in Network World on December 14, 2015
"Our home water is purified by both the local water company and by our own on-premise filtration system. Securing data flowing to and from the IoT requires this same dual approach
I am afraid of the Internet of Things. Is my television listening to me? Maybe someone has hacked into Alexa or Cortana or Siri, or is using my Nest thermostat as an attack vector into my wireless LAN or enterprise WAN. Can someone track me via my smartwatch or fitness band? What about all the automotive stuff? I don't believe there's any one technology that will provide the security we need. We need to harden all connected devices to make sure they are resistant to attack. And we need to ensure that network traffic is filtered, cleaned, sanitized, to prevent the hijacking of data or connections back to devices or remote data centers.
We need artificial intelligence. Crypto – that's good and necessary, but not sufficient to protect our devices and their data. Virus definitions and malware profiles are too big, too slow, and too risky, especially when it comes to small, low-powered devices. Plus, by definition, signature files are always protecting against the past attack vectors, not the ones that nobody sees. Security has to be smarter and focus on detecting bad behavior.
How big is the problem? Big. As cited in Maria Korolov's recent article, “Most hackable devices,” the Pew research center estimates that 68% of U.S. adults own a smartphone, and that mobile shopping will account for 30% of online shopping this year. She cites research showing that half of smartphone owners use mobile banking, and 1.4 billion people log into Facebook each month using their mobile devices.
What's more, 30% of Android users don't protect their smartphones with passwords, and 44% do not have an anti-malware solution installed, according to research from Kaspersky Labs and B2B International. Bluetooth is another vector; Korolov quotes Bruce Snell, director of security and privacy at Intel Security, explaining that some devices use default pairing passwords for Bluetooth, like 0000 or 1234, allowing cybercriminals to pair and gain access to a device easily."
"And we need solutions like Wedge Networks' Cloud Network Defense to protect carrier networks because we can't trust the IoT endpoints, enterprise data centers, or cloud service providers.
Because CND works on an SDN-based carrier network via NFV, it can be always watching – and never affected by the malware itself. Wedge's founder and CTO, Hongwen Zhang, explained about the company's new filter technology, called WedgeIQ, that goes beyond deep packet inspection to apply AI machine learning and Big Data-style analytics to see new real-time threats – and apply instant countermeasures. What's more, CND is a multi-tenant system, if one carrier catches a new attack against once of its customers, all other customers will be protected as well."
For the full article, please visit networkworld.com.