Global Cyber Alliance Launches Automated IoT Defence Ecosystem That Secures IoT Devices

2755
  • Aims to secure small businesses, manufacturers, service providers and individuals against growing cyber-threats.
  • The IoT defence ecosystem employs a unique technique of deception technology that deliberately lures attacks so that its patterns could be studied.

The Global Cyber Alliance (GCA), an initiative dedicated to eradicating cyber risk has launched the Automated IoT Defence Ecosystem (AIDE), a first-of-its-kind cybersecurity development platform for Internet of Things (IoT) devices. AIDE enables small businesses, manufacturers, service providers and individuals to identify vulnerabilities, reduce risks and secure IoT devices against persistent cyber-threats.

In order to leverage the AIDE technologies, GCA is also working with Attivo Networks to build a SCADA-based network for collecting threat intelligence on attacks that can target industrial control systems.

“We are thrilled to be working with GCA to provide the benefits of deception technology to organisations around the world. IoT devices are notoriously difficult to secure and apply typical prevention measures. As a result, innovative solutions like deception technology are playing a critical role in the early threat detection and response to cyberattacks,” said Marc Feghali, Co-founder and Vice President – Product Management at Attivo Networks. “By creating customised decoys that blend in with production connected devices, organisations can quickly detect attackers, engage them, capture their attack methods, derive their attack signature and divert them away from real IoT infrastructure, mitigating the risk of attacks on Operational Technology (OT) infrastructure.”

GCA ProxyPot

The GCA ProxyPot, a security mechanism to prevent unauthorised use of IoT devices is capable of identifying attack risks across multiple IP addresses and physical locations in an efficient and accurate manner. Together with AIDE, the GCA ProxyPot allows organisations and individuals to have greater visibility into the types and scale of threats faced by the IoT devices.

Philip Reitinger, President and CEO of GCA said, “The number of internet-connected devices has grown exponentially over the last decade and with it the cyber risk to companies, organizations and individuals deploying these devices on their network.

He further added, “The launch of the AIDE platform furthers GCA’s mission of providing scalable, implementable solutions to organisations of all sizes and budgets to secure their devices and reduce risk.”

What AIDE has to offer

The AIDE platform offers data collection, analysis and automated defence on a wide scale.

Collection
The AIDE platform will automatically collect IoT attack data through:

  1. Setting up honeyfarms (deceptive network traps) having more than 1,200 devices.
  2. Virtual IoT devices located on simulated networks.
  3. ProxyPots that can be distributed around the world and backed by real and virtual IoT devices.

Analysis
AIDE collects and analysis attack data. It is then made available to companies, academia, nonprofits and other entities to study IoT attack signatures and patterns.

Automated Defence
The real-time threat feeds generated by the platform identifies and limits further attacks that can compromise IoT devices. AIDE enforces an edge router/policy in order to use such threat feeds for mitigating attacks against the local environment. It also utilises the capabilities of the “Manufacturer Usage Description” standard, through which manufacturers can specify the types of activities and communications that are allowed on their devices. This type of automated
defence offers small businesses and home users a way to have free or low-cost protection for their small office and consumer network (home IoT) devices. 

With around 14.2 billion internet-connected devices currently in use and further addition of 25 billion by 2021, the challenge to identify, analyse and mitigate IoT threats has dramatically increased. Keeping this in mind, there is an urgent need for addressing the threats to IoT devices.