Most IT networking professionals are so busy with their day-to-day responsibilities that they don’t have time to consider taking on more work. But for companies with an industrial component, there’s an elephant in the room that is clamoring for attention. I’m talking about the increasingly common convergence of IT and operational technology (OT) networking and security.
Traditionally, IT and OT have had very separate roles in an organization. IT is typically tasked with moving data between computers and humans, whereas OT is tasked with moving data between “things,” such as sensors, actuators, smart machines, and other devices to enhance manufacturing and industrial processes. Not only were the roles for IT and OT completely separate, but their technologies and networks were, too.
Secure software-defined WAN (SD-WAN) has become one of the hottest new technologies, with some reports claiming that 85% of companies are actively considering SD-WAN to improve cloud-based application performance, replace expensive and inflexible fixed WAN connections, and increase security.
But now the industry is shifting to software-defined branch (SD-Branch), which is broader than SD-WAN but introduced several new things for organizations to consider, including better security for new digital technologies. To understand what's required in this new solution set, I recently sat down with John Maddison, Fortinet’s executive vice president of products and solutions.
The STRONTIUM hacking group, which has been strongly linked by security researchers to Russia’s GRU military intelligence agency, was responsible for an IoT-based attack on unnamed Microsoft customers, according to the company. a blog post from the company’s security response center issued Monday.
Microsoft said in a blog that the attack, which it discovered in April, targeted three specific IoT devices – a VoIP phone, a video decoder and a printer (the company declined to specify the brands) – and used them to gain access to unspecified corporate networks. Two of the devices were compromised because nobody had changed the manufacturer’s default password, and the other one hadn’t had the latest security patch applied.
Back when this blog was dedicated to all things Microsoft I routinely railed against the spying aspects of Windows 10. Well, apparently that’s nothing compared to what enterprise security, analytics, and hardware management tools are doing.
An analytics firm called ExtraHop examined the networks of its customers and found that their security and analytic software was quietly uploading information to servers outside of the customer's network. The company issued a report and warning last week.
ExtraHop deliberately chose not to name names in its four examples of enterprise security tools that were sending out data without warning the customer or user. A spokesperson for the company told me via email, “ExtraHop wants the focus of the report to be the trend, which we have observed on multiple occasions and find alarming. Focusing on a specific group would detract from the broader point that this important issue requires more attention from enterprises.”
Cisco has agreed to pay $8.6 million to settle claims it sold video security software that had a vulnerability that could have opened federal, state and local government agencies to hackers.
Under terms of the settlement Cisco will pay $2.6 million to the federal government and up to $6 million to 15 states, certain cities and other entities that purchased the product. The states that settled with Cisco are California, Delaware, Florida, Hawaii, Illinois, Indiana, Minnesota, Nevada, New Jersey, New Mexico, New York, North Carolina, Tennessee, Massachusetts and Virginia.RELATED: A conversation with a white hat hacker
According to Cisco, the software, which was sold between 2008 and 2014 was created by Broadware, a company Cisco bought in 2007 for its surveillance video technology and ultimately named it Video Surveillance Manager.
Eleven zero-day vulnerabilities in WindRiver’s VxWorks, a real-time operating system in use across an advertised 2 billion connected devices have been discovered by network security vendor Armis.
Six of the vulnerabilities could enable remote attackers to access unpatched systems without any user interaction, even through a firewall according to Armis.
- What is the IoT? How the internet of things works
- What is edge computing and how it’s changing the network
- Most powerful Internet of Things companies
- 10 Hot IoT startups to watch
- The 6 ways to make money in IoT
- What is digital twin technology? [and why it matters]
- Blockchain, service-centric networking key to IoT success
- Getting grounded in IoT networking and security
- Building IoT-ready networks must become a priority
- What is the Industrial IoT? [And why the stakes are so high]
The vulnerabilities affect all devices running VxWorks version 6.5 and later with the exception of VxWorks 7, issued July 19, which patches the flaws. That means the attack windows may have been open for more than 13 years.
The internet of things is shaping up to be a more significant threat to the Domain Name System through larger IoT botnets, unintentional adverse effects of IoT-software updates and the continuing development of bot-herding software.
The Internet Corporation for Assigned Names and Numbers (ICANN) and IBM’s X-Force security researchers have recently issued reports outlining the interplay between DNS and IoT that includes warnings about the pressure IoT botnets will put on the availability of DNS systems.
More about DNS:
- DNS in the cloud: Why and why not
- DNS over HTTPS seeks to make internet use more private
- How to protect your infrastructure from DNS cache poisoning
- ICANN housecleaning revokes old DNS security key
ICANN’s Security and Stability Advisory Committee (SSAC) wrote in a report that “a significant number of IoT devices will likely be IP enabled and will use the DNS to locate the remote services they require to perform their functions. As a result, the DNS will continue to play the same crucial role for the IoT that it has for traditional applications that enable human users to interact with services and content,” ICANN stated. “The role of the DNS might become even more crucial from a security and stability perspective with IoT devices interacting with people’s physical environment.”
When it comes to connecting internet of things (IoT) devices, there is a wide variety of networks to choose from, each with its own set of capabilities, advantages and disadvantages, and ideal use cases. Good ol’ Wi-Fi is often seen as a default networking choice, available in many places, but of limited range and not particularly suited for IoT implementations.
According to Aerohive Networks, however, Wi-Fi is “evolving to help IT address security complexities and challenges associated with IoT devices.” Aerohive sells cloud-managed networking solutions and was acquired recently by software-defined networking company Extreme Networks for some $272 million. And Aerohive's director of product marketing, Mathew Edwards, told me via email that Wi-Fi brings a number of security advantages compared to other IoT networking choices.