A new approach is needed to address these concerns and protect these devices and should include:
To create this breakthrough in security, organizations must understand security technologies and the gaps that keep CIOs and CEOs awake at night. Understanding the business needs of enterprises will drive the development of the technology, from the embedded devices up to the management platform, and of tools that deliver the information consumed by key players from IT managers up to C-level executives.
The focus on defending non-volatile memory follows from the fact that the “holy grail” mentioned above remains the main target for attackers. Attackers want their attacks to be persistent, to keep them in control of devices and networks, and to be easy to hide. They also want to manage their future attacks easily.
If only an authorized party can drive the memory's write and read lines, nobody else can manipulate the data or the code stored inside the memory device. A software-only security solution, however sophisticated, that tries to close this gap can be compared to Bobby Fischer trying to win a basketball game. CISOs need to do more than apply common methods such as encrypting the content or the firmware, since encryption cannot protect against attempts to destroy the data.
What is needed is a truly innovative security approach in which various components run in the memory itself while the management platform runs in the company's secured area, taking advantage of its full capabilities. Each flash-enabled device self-registers with the management platform during its first operation using a unique, unclonable key. Thus, even if one end device (or many) is breached, which is a huge task by itself, there is no impact on other devices, which remain secure.
This solution should protect the root of trust between the cloud and the device, from provisioning time throughout the device’s entire lifecycle and after, ensuring that only an authorized entity can update and change the device’s critical elements.
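One way to model the per-device self-registration and the authorized-write gate described above, as an added example that is not code from the article or from any product it describes. It assumes HMAC-SHA256 over a per-device secret as a stand-in for the unique unclonable key, and the ManagementPlatform and FlashDevice classes are hypothetical.

```python
# Added illustration (hypothetical model, not the article's product): HMAC-SHA256
# with a per-device secret stands in for the "unique un-cloned key" described above.
import hashlib
import hmac
import os


def update_tag(key, device_id, version, image):
    # Bind one update to one device, one version number and one image hash.
    msg = device_id.encode() + version.to_bytes(4, "big") + hashlib.sha256(image).digest()
    return hmac.new(key, msg, hashlib.sha256).digest()


class ManagementPlatform:
    """Back-end in the secured area; records each device's key when it self-registers."""

    def __init__(self):
        self.registry = {}  # device_id -> per-device key

    def authorize_update(self, device_id, version, image):
        # Issue a write command that verifies only on this one device.
        return version, image, update_tag(self.registry[device_id], device_id, version, image)


class FlashDevice:
    """Device whose flash write line opens only for a verified, newer update."""

    def __init__(self, device_id, platform):
        self.device_id, self.version, self.flash = device_id, 0, b"factory-image"
        self.key = os.urandom(32)  # constructed stand-in for an unclonable per-device key
        platform.registry[device_id] = self.key  # self-registration on first operation

    def write(self, version, image, tag):
        expected = update_tag(self.key, self.device_id, version, image)
        if not hmac.compare_digest(expected, tag):
            return False  # wrong key, wrong device, or modified image: write line stays closed
        if version <= self.version:
            return False  # replay or rollback of an older, once-valid command
        self.flash, self.version = image, version
        return True


def demo():
    """Return the gate's verdicts on one valid update and four illegitimate writes."""
    platform = ManagementPlatform()
    cam_a, cam_b = FlashDevice("cam-A", platform), FlashDevice("cam-B", platform)
    cmd = platform.authorize_update("cam-A", 1, b"fw-1.0")
    accepted = cam_a.write(*cmd)
    cross_device = cam_b.write(*cmd)  # A's command replayed at B: different key
    replayed = cam_a.write(*cmd)  # same command a second time: version does not advance
    tampered = cam_a.write(2, b"bot-payload", cmd[2])  # image swapped, tag kept
    leaked_key = cam_a.write(2, b"", update_tag(cam_b.key, "cam-A", 2, b""))  # erase with B's key
    return accepted, cross_device, replayed, tampered, leaked_key, cam_a.flash
```

The last case shows the containment property from the text: a key taken from one breached device cannot authorize a write, or an erase, on any other device.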
It’s important that any security protecting IoT devices from embedded to cloud contain the following features:
If organizations had focused on protecting persistent memory, recent well-known attacks could most likely have been prevented. Had the devices' flash memory been protected, security flaws like VPNFilter and Mirai would not exist, and such flaws are damaging to organizations with IoT devices. For example, the Mirai malware changed code in security cameras, routers and other sorts of connected devices, turning them into bots in a botnet that was later used to attack Amazon, Twitter, Spotify, Dyn and many others.

There is also the issue of security flaws such as Meltdown and Spectre, which demonstrate a fundamental flaw in CPU design. While chip vendors have shipped software patches to address the issue, these patches will have limited effect against current and future breaches resulting from internal design flaws, coding errors and external hacking, all of which still have huge implications for many connected devices, from the medical field to smart cities. If the firmware of those routers or cameras had security built into or on top of the persistent memory, the content could not be changed and could only be updated and managed by the organization that owns the device.
Organizations need an end-to-end, embedded-to-cloud solution for managing, protecting and firmly securing IoT and connected edge devices, an approach that blocks every attack vector for overwriting, modifying, manipulating or erasing memory content. Until then, we will never find the “holy grail” of cybersecurity protection.