Thursday, August 25, 2011

#SECURITY: "Five Steps to Securing Internet-Enabled Devices"

So far the most serious security breaches have been from PCs, but embedded system designers are working to prevent Internet-enabled consumer devices from being used as backdoors for future intrusions.

Wind River, makers of a popular Real-Time Operating System (RTOS) called VxWorks for Internet-enabled devices, claims that there will be 50 billion connected devices in use by 2020, any one of which could become the Internet's weakest link.

New forms of attacks and exploits are materializing all the time, according to computer security experts at McAfee, which claims there are 55,000 new malware programs and 200,000 zombies uncovered every day. This is on top of the 2 million malicious Websites that already exist.

So with more connected devices and growing threats, how do you secure Internet-enabled devices?

"We are working with McAfee to deliver stronger security for embedded devices, using a holistic approach that considers security issues at every layer--from the silicon chips and virtualization used, to the operating-system, network and communication stacks, to the application layer," said Marc Brown, vice president of tools & marketing operations at Wind River.

Wind River suggests taking a five-prong approach to securing Internet-enabled devices.

The most serious intrusions so far appear to be orchestrated by organized crime and government agencies that are committing serious crimes, ranging from embezzling money to stealing state secrets to altering the behavior of physical systems, potentially harming equipment and endangering lives.

In 2009, Operation Night Dragon was found to be monitoring energy companies--an advanced persistent threat (APT) that was using coordinated spear-phishing emails, Trojans and remote-control zombies to funnel operational details, exploration results and even the contents of sealed bids to command-and-control computers. Also in 2009, Google, Adobe Systems, Juniper Networks, Rackspace and others reported Operation Aurora, which they claim was aimed at accessing valuable source-code repositories. And McAfee's latest exposure was Operation Shady RAT, which used malware to break into secure government computers worldwide.

To keep Internet-enabled devices from becoming the new backdoors for such intrusions, Wind River is advising its clients to take five steps. First, make a thorough threat assessment regarding the communications capabilities that need to be secured on all new devices. Next, the logical components need to be compartmentalized using virtualization, so they can be separately reset in case intrusions are detected. Certified runtime components then need to be selected, such as Wind River's Achilles-certified VxWorks RTOS.

Then, application-level white- and gray-listing needs to be enforced to make sure infected code is not allowed to run. And, finally, test and validation suites need to be run periodically to make sure that unforeseen vulnerabilities do not creep into code at any time during its lifecycle.
