Securing the Internet of Things

The Internet enables any-to-any connectivity. The first wave of connectivity was user buildings (homes and offices) connecting to business buildings with wired Internet connections. The second wave was mobile user devices (laptops, smartphones, tablets) connecting to businesses and each other over wireless Internet connectivity. The latest wave is "things" connecting to users, businesses and other "things" using mixtures of wired and wireless connectivity. This includes automobiles, airplanes, medical machinery, personal medical devices, windmills, environmental sensors, natural gas extraction platforms, you name it. The effectiveness and efficiency of these systems is being greatly multiplied by both client/server and peer to peer connectivity, enabled by advances in new forms of connectivity, inexpensive controllers and Internet-standard protocols.

The Security Challenge: Most of the devices in the Internet of Things will be used in two broad areas:

1. Critical Infrastructure - power production/generation/distribution, manufacturing, transportation, etc.
2. Personal "infrastructure" - personal medical devices, automobiles, home entertainment and device control, retail

Critical infrastructure represents an attractive target for national and industrial espionage, denial of service and other disruptive attacks. Internet connected things that touch very sensitive personal information are high priority targets for cyber criminals, identity theft and fraud. In both of these areas, new technology requiring new approaches to security will be added to legacy systems employing legacy security processes and technology. While the same Critical Security Controls will be needed in the Internet of Things, the way security is architected, delivered and monitored will need to change.

The Call to Action: The Internet of Things is still in its infancy and the security community has a chance to build in new approaches to security if we get started now. More secure embedded operating systems and applications, more scalable approaches to continuous monitoring and threat mitigation and new ways of detecting and blocking active threats are evolving and can be tremendously effective. SANS is looking to bring together community talent and ideas to develop new solutions, demonstrate security technology that already works and to provide a force multiplier to making the Internet of Things be more secure than the first phases of Internet evolution.

- PCs - Tablets, Smartphones - ICS/SCADA, ICS
- Servers - Mifi, Home Energy - Medical Machines, Kiosks
- Virtualization - Medical Wearables, Medical Implants - Cloud Service Infrastructure
- Routers - Home Entertainment - Manufacturing
- Switches - Home Control - Env. Monitoring

Securing the "Internet of Things" Summit