Thursday, October 27, 2016

Security makes a case for Edge Analytics

Malware that can build botnets out of IoT devices is at least partly responsible for a massive distributed denial-of-service attack that disrupted U.S. internet traffic on Friday, according to network security companies.

The DDoS attack last week made big news because it caused by unsecured IoT devices.  A lot of this could probably have been alleviated if people just changed the default username/password on the devices.  In fact, at least one manufacturer of IP Cameras issued a recall on their devices.  From ZeroHedge:

A Chinese security camera maker said its products were used to launch a cyber-attack that severed internet access for millions of users, highlighting the threat posed by the global proliferation of connected devices.

The attackers hijacked CCTV cameras made by Hangzhou Xiongmai Technology Co. using malware known as Mirai, the company said in an e-mailed statement. While Xiongmai didn’t say how many of its products had been infiltrated, all cameras made before September 2015 were potentially vulnerable.

The attack, which took down sites including Twitter, Spotify and CNN for long stretches, underscored how hackers can marshal an increasing number of online gadgets, collectively known as the Internet of Things, to disrupt the internet on an unprecedented scale.
“Mirai is a huge disaster for the Internet of Things. XM have to admit that our products also suffered from hacker’s break-in and illegal use," Xiongmai said in its e-mail.

This makes some people question the future of the Internet of Things.  I think that IoT is here and its not going away, but security is of these devices is going to be increasingly important.

At Contextant, we deal with event input from sensors, most notably IP Cameras which are the basis of our forthcoming ViznTrac smart-camera platform.  The security of IP Cameras is notably bad.  What is someone to do if they want to enable the use of IP cameras for security or other analytic use?  I think Edge Analytics, will become increasing important.  Edge Analytics, is the term for having a device that collects input from multiple other devices and performs some type of "edge" processing before streaming the results somewhere else.  Edge devices can be special purpose hardware such as Dell's Edge Gateway products, but they could also be as simple as a Raspberry Pi.  These devices will need to be secured themselves, of course, but they reduce the number of individual devices you have to worry about and tend to be easier for people to interact with to ensure they are secure and up to date.