Can Smart Lighting Beat a Hacker? How Machine Learning Can Boost IoT Security

It’s possible: Smart lighting could be the most dangerous element in your company’s network. By 2025, there will be 75 million IoT devices in use. Smart devices are now found throughout most commercial offices, yet a lack of security could make them ticking time bombs; IoT devices often have major security issues, and it can be difficult to detect when someone has exploited one of their vulnerabilities.

Organizations that want to leverage the power of the Internet of Things will need to find ways to secure those devices. That security begins with the network itself and extends to advanced technologies like machine learning.

Let’s examine how machine learning for cybersecurity can boost your network security and protect you from attacks that target IoT devices.

The Dangers of IoT

Why are IoT devices dangerous? It’s not a single issue; rather, it’s intrinsic to the way that the technology itself works.

IoT devices have been added to modern offices to improve both productivity and convenience. They include security sensors, equipment trackers, inventory management devices, and multimedia systems for the purposes of communication and conferencing. Yet with as many advantages as IoT devices have, they also have risks:

  • IoT devices add numerous endpoints to a network. These endpoints are constantly growing and need to be individually managed. Many security teams don’t have the capacity to pay attention to the security of every printer or Wi-Fi-enabled water cooler they hook up to their network, regardless of how important they know this is.
  • IoT devices do not provide comprehensive reporting, and most are running on outdated firmware. Even if IoT solutions have some form of security, they usually don’t provide an alerting system or reporting system that the company’s own network security can rely upon. The network itself must be responsible for its security.
  • IoT devices often don’t have any internal security. There are many IoT devices that don’t come with onboard security at all, or come with very limited security, and must be properly configured to take advantage of these tools. They typically rely upon external IoT security solutions to keep them safe.
  • IoT devices are often prohibitively difficult for security teams to manage. With the sheer number of IoT devices that are going online as part of a modern network, it becomes difficult for a company to track and maintain all of them. IoT device security can be improved with frequent updates to remain protected, although this can be a resource-intensive process.

IoT devices create a perfect storm: they’re plentiful, unsecured, and connected directly to a company’s network. In a single office building, manufacturing site, school campus, or warehouse, there could be hundreds of IoT devices reporting back information to a central location, and only a single one of them would need to be compromised to put the rest of the network at risk.

The Gap Between IoT Insecurity and Network Security

IoT devices tend to have inherently poor security, but that doesn’t mean that they must pose a risk to a network. IoT solutions can be security risks in and of themselves, but for them to become a data loss risk, an attacker needs to be able to expand beyond the initial compromise of an IoT device and access and manipulate data across the network. A network that has the appropriate security controls will be able to protect itself.

In order for a network to be properly defended, a network security system must:

  • Identify suspicious traffic that could indicate malicious lateral movement. To do this, the security system must first have a solid baseline of usual traffic against which new activity is analyzed to determine what’s anomalous. The hard part is that not all anomalies are malicious, resulting in numerous false positives.
  • Notice when user accounts are acting in atypical ways. Users signed in from different locations, copying or accessing large volumes of files, or attempting to alter their own permissions could indicate that accounts have been compromised.
  • React to the hallmarks of a data intrusion. Data intrusion often leads to large numbers of files being copied and sent off the network or staged on a host in advance of exfiltration, or large numbers of files being encrypted.

Of course, the volume of network activity taking place typically overwhelms a security team’s capacity. This is where machine learning comes in. Machine learning can provide real-time analysis that learns over time, reducing the burden on the security team while improving threat detection.

Machine Learning for IoT Security Solutions

How can an organization counter a risk as potentially pervasive as poor IoT security? It’s not possible to simply avoid the IoT altogether; IoT solutions provide an incredible amount of utility, value, and convenience. Yet traditional security solutions struggle to keep up with the volume, as securing IoT devices requires a prohibitive amount of resources.

The answer is machine learning. Machine learning for cybersecurity has a few major advantages particular to dealing with the IoT. Machine learning technology uses proven algorithms to detect patterns in network data and is able to learn what “normal” is as it goes. It’s able to learn how a network usually looks and functions, thereby identifying when there may be risk factors, such as increases in data movement or unusual traffic patterns.

By learning in this way, a security solution that uses machine learning can improve security without needing to hire more staff. As network traffic grows exponentially with the addition of new IoT devices, it’s important that the solution to IoT devices be inherently scalable. Because machine learning keeps learning, it becomes more effective over time. When armed with behavioral analysis in addition to network traffic analysis, it can discern between malicious anomalies and benign ones, avoiding time-consuming false positives.
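
The two ideas above, a baseline of usual traffic against which new activity is scored and a second behavioral signal to separate malicious anomalies from benign ones, can be sketched in a few lines. This is an added example, not code from the original article or from any vendor product; it uses a simple median/MAD statistic in place of a trained model, and the device name, addresses, byte counts and threshold are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample data: (device, peer, bytes_out) per polling interval.
HISTORY = [("lamp-01", "10.0.5.1", b) for b in (1200, 1180, 1250, 1210, 1190, 1230)]
NEW_FLOWS = [
    ("lamp-01", "10.0.5.1", 1260),     # ordinary check-in with its hub
    ("lamp-01", "10.0.5.1", 9000),     # large transfer, but to the usual hub
    ("lamp-01", "10.0.9.20", 1200),    # normal size, but a peer never seen before
    ("lamp-01", "10.0.9.20", 480000),  # large transfer to a never-seen peer
]

def build_baseline(history):
    """Learn per-device 'normal': median volume, spread (MAD), known peers."""
    vols, peers = defaultdict(list), defaultdict(set)
    for device, peer, nbytes in history:
        vols[device].append(nbytes)
        peers[device].add(peer)
    baseline = {}
    for device, v in vols.items():
        med = median(v)
        mad = median([abs(x - med) for x in v]) or 1.0  # guard against zero spread
        baseline[device] = (med, mad, peers[device])
    return baseline

def score(baseline, device, peer, nbytes, threshold=6.0):
    """Return the list of ways one flow deviates from the device's baseline."""
    if device not in baseline:
        return ["unknown-device"]
    med, mad, known = baseline[device]
    reasons = []
    # 1.4826 * MAD estimates the standard deviation for roughly normal data.
    if (nbytes - med) / (1.4826 * mad) > threshold:
        reasons.append("volume")
    if peer not in known:
        reasons.append("new-peer")
    return reasons

def triage(baseline, flows):
    """One anomalous signal is low priority; two together are high priority."""
    alerts = []
    for device, peer, nbytes in flows:
        reasons = score(baseline, device, peer, nbytes)
        if reasons:
            severity = "high" if len(reasons) > 1 else "low"
            alerts.append((device, peer, severity, reasons))
    return alerts

if __name__ == "__main__":
    for alert in triage(build_baseline(HISTORY), NEW_FLOWS):
        print(alert)
```

Only the last flow is raised as high priority: a volume spike alone (for example, a firmware download through the usual hub) or a new peer alone stays low priority, which is how combining signals keeps false positives down.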

Key Takeaways

In the past, IoT devices were somewhat optional: They were a novelty meant to make life a little easier. Now, IoT devices are everywhere. They’re security cameras, printers, copiers, even Wi-Fi-enabled lighting. They’re even within critical functions of the enterprise environment, such as inventory sensors and scanners.

Ultimately, there’s little that a business can do to completely avoid IoT devices. Security teams need to accept that the network landscape is changing, growing, and evolving. Networks are becoming larger and potentially unwieldy; businesses can only manage this by proactively managing the IoT devices on their network and monitoring the network for any indicators that a device may have been compromised.

To effectively secure today’s networks, organizations must turn to technology. There simply aren’t enough people available to do this manually, and it would be cost prohibitive. Security solutions that incorporate machine learning can improve detection of advanced threats with limited staffing.

Next-generation technology like machine learning for cybersecurity can help your business be more secure as it grows. Learn more about Lastline IoT security capabilities.

Andy Norton

Andy has been involved in cyber security best practice for over 20 years, specializing in establishing emerging security technologies at Symantec, Cisco and FireEye. In that time, he has presented threat and intelligence briefings for both Bush and Obama administrations, The Cabinet office, the Foreign and Commonwealth office, SWIFT, Swiss National Bank, Prudential Regulation Authority, the Bank of England, The Hong Kong Monetary Authority and NASA. Returning to Europe from Asia in 2011, he has spent the past 5 years helping many of the FTSE 250 companies measure, manage and respond to cyber incidents.