IoT security still needs improvement from all quarters

Well over five years ago the Mirai botnet successfully took over large sections of the Internet of Things (IoT). Now, Microsoft is weighing in to help prevent similar attacks. Business technology journalist Antony Savvas asks whether it will be successful?

Silos

Cyber security is still thought of in terms of silos, according to IoT security specialist ONEKEY. “In doing so, the directly grown risk of many different firmware versions in IoT systems is often overlooked,” warns Jan Wendenburg, CEO of ONEKEY.

According to ONEKEY’s recent research among 300 senior-level company executives globally, the areas of highest risk include IoT devices and facilities in health (47%), devices in critical infrastructure (45%), and in manufacturing (39%).

“All areas of industry are vulnerable, because hackers consistently exploit every vulnerability, not just those addressed by industry representatives,” says Wendenburg.

The particular risk in the IoT sector is that every device and every system have their own firmware. In other words, software that controls the device or facility itself. “Since hardly any guidelines or binding specifications exist in this area, many manufacturers have put little emphasis on seamless security against attacks so far,” Wendenburg says.

Microsoft

Microsoft has released new capabilities for its Defender security protection offering that promise to bring the same level of vulnerability management, threat detection and response for enterprise IoT devices previously only available for managed endpoint devices.

The updated Defender for IoT solution, first previewed at the end of last year, offers extended detection and response (XDR) coverage to IoT devices like digital signage, conference room systems and operational technology (OT) devices, which have all been prone to software vulnerabilities and attacks from cyber criminals.

Agentless monitoring secures “things” connected to IT networks, voice over IP systems, printers and smart TVs, for instance.

Defender for IoT allows firms to gain the essential visibility into devices without additional configuration, through a deployable network sensor that can collect all network data needed for discovery, behavioural analytics and machine learning.

Microsoft says artificial intelligence (AI) will be used to augment other IoT threat intelligence services.

Not a perfect solution

The Microsoft solution for IoT security is obviously a welcome option, but the firm’s Defender technology is not perfect, like most security technology.

Around the same time Defender for IoT was made available with the new features, Microsoft admitted in a security update that a series of phishing attacks were able to bypass Microsoft 365’s security measures (built around Defender) at more than 10,000 organisations since September 2021.

Simon Ratcliffe, principal consultant at end-to-end managed services firm Ensono, says of the admission, “Many businesses are leaving themselves vulnerable in their set up of the Microsoft 365 platform. Ensono research has found a pattern of businesses neglecting the built-in security features available in 365: 38% are not using multi-factor authentication and only 43% have conditional access controls (CAC) in place.”

Ratcliffe adds, “The phishing attack methods outlined by Microsoft, beginning with interception of sensitive data and followed by impersonation of a user, are common consequences from cyber incidents linked to Microsoft 365.

“To protect against the wide variety of threat actors out there today, it is essential that companies start taking advantage of all the security features on offer within 365.”

So, as with all security, users have to do their bit to make sure they’re getting the most out of it, whether a heavyweight like Microsoft is involved or not.

Edge competition

A fierce battle is building as to who can reach corporate customers first at the edge, the cloud service providers, the telcos or the global network providers, or indeed, maybe alliances of all three.

Lumen Technologies isn’t waiting around for anybody else though, with the US-headquartered network provider expanding its edge computing solutions into Europe, providing a low latency platform to businesses that need to support their data-intensive applications.

Annette Murphy

Annette Murphy, regional president for EMEA and APAC at Lumen Technologies, says, “Customers in Europe can now tap into the power of the Lumen platform, underpinned by our extensive fibre footprint, to deploy data-heavy applications and workloads that demand ultra-low latency at the cloud edge.

“They can focus efforts on developing applications and bringing them to market, rather than on time-consuming infrastructure deployment.”

Lumen Edge Computing Solutions are being offered in the UK, France, Germany, Belgium and the Netherlands, with additional locations planned by the end of the year.

Edge bare metal servers, networked storage, privately managed clouds, and an edge gateway to support multi-access edge computing are all on offer from Lumen, in a pretty comprehensive offering through its various regional data centres. Telcos will obviously be taking note.

TalkTalk

Once again the UK’s TalkTalk digital service provider is the subject of takeover speculation, this time with Virgin Media O2 believed to have made a £3 billion (€3.54 billion) offer for the private broadband services firm.

Earlier this year, Vodafone was said to be eyeing up TalkTalk for a takeover too, but that seemingly never came to any firm move. But with Virgin Media O2 now reportedly having made a bid, we may well see a bidding war for TalkTalk, even though its customer and sales growth prospects have been questioned by some market analysts.

Antony Savvas

With Virgin Media O2 already big in market share terms across both broadband and phone services, Vodafone, which is smaller in the broadband sector than TalkTalk, may well be in a better position to get any takeover past the industry regulator.

The author is Antony Savvas, a global freelance business technology journalist.

Comment on this article below or via Twitter: @VanillaPlus OR @jcvplus

RECENT ARTICLES

Phoenix Tower International gains investment from Grain and BlackRock

Posted on: March 29, 2024

Phoenix Tower International (PTI) has announced that Grain Management (Grain), through its flagship funds, and BlackRock, through a fund managed by its Diversified Infrastructure business (BlackRock) have made an investment

Read more

Connectbase expands baltic connectivity with Bitė partnership

Posted on: March 28, 2024

Connectbase has announced the addition of Bitė to its ecosystem. This partnership marks a step forward in enhancing connectivity options within the Baltic region, providing a link between local and

Read more