Intel: Build security into Internet of Things, 5G at chip level
While cyber attackers are turning their attention to the Internet of Things (IoT) at an alarming rate, an Intel Security expert says the time is now to start tackling what is only going to become an even bigger target for cyber attacks.
"We've seen a huge increase in mobile malware over the last year," Bruce Snell, cybersecurity and privacy director at Intel Security, told FierceWirelessTech. "We're really seeing a shift in cyber criminals starting to use techniques that were successful on the PC," such as more ransomware and devices being used as part of a botnet to further spread spam.
That's only going to be enhanced by 5G; current industry estimates put the number of wearables to around 780 million by 2018. And with the kinds of speeds that are being talked about with 5G, data transfers will occur so fast that they'll essentially be invisible to the user, so a lot of data could be copied or spam sent to a mobile device before the user suspects anything.
"I think a lot of times people think, well if my refrigerator is hacked, who cares?," he said. Most people consider their home network to be safe and avoid using a Starbucks hotspot for things like banking, but once a lot of unsecure IoT devices start getting introduced to the home, that opens up the chance for criminals to get a foothold in the home.
"Part of our job at Intel Security is to make sure that we're working with the carriers and the manufacturers to really start thinking about security and really take it very seriously," as well as working with manufacturers on a chip level to provide a low level baseline for security. "It's all about making it as difficult as possible for the attackers, and we can do a lot of that actually with the chipset… There's a lot you can do with the underlying architecture to make sure that you have a secure platform."
Intel is working with operators to define the 5G specs and make sure security is top of mind. According to a recent report on IoT security commissioned by AT&T, there's been a 458 percent increase in vulnerability scans of IoT devices in the last two years.
Given the myriad protocols vying for IoT, does that make it less likely for hackers to be successful? Hackers want to get the biggest bang for the buck, which is why they're going after Android. If everyone is using a standard, common OS or language, it makes development easier and quicker, and interoperability is a lot easier to accomplish between, say, the phone and a thermostat. On the other hand, if a common language is used, it makes it more convenient for a hacker. "It's kind of a double-edged sword," he said.
With so many devices in IoT being tiny, that also poses security challenges. The operating system on some devices is so tiny that there's not much space to work with in terms of adding security software on top. "You really have to make sure the chip itself is secure," Snell said. At Intel Security, "we work with the manufacturers to obviously make sure they're doing secure coding practices and also looking at the design specs to see where we can insert security at the hardware level."
- download this report
IoT security threats are skyrocketing, AT&T reveals
Intel, Qualcomm lead new effort to tackle Internet of Things fragmentation
Intel shifts to new chips for Internet of Things
IoT requires new ways of thinking about security
Security is top of mind for Internet of Things Thread Group