Proactive Responses
Exosite

July 20, 2017

Getting Ahead of the Curve: Developing Proactive Responses to Security Threats

Layering on security is never a bad thing when developing your IoT ecosystem, especially since it helps deter more hackers and keeps your name out of the news headlines.

Innovative, proactive strategies have been devised to deal with the inevitability of successful intrusion. Some methods use social engineering against hackers who attempt to access sensitive data and control devices.

One method involves creating a sandboxed environment that mirrors a real one. Create a fake employee that clicks on all phishing links, appears to have maximum authorization in the system, and has fake sensitive information. Hackers will take the bait of a completely valid-looking and vulnerable account, but will only have access to the controlled environment so you can develop a better understanding of their behavior, methods, and motives.

Another method leverages the fact that hackers often look for API vulnerabilities and rely on successful malware to gain access to servers. Technology has been developed to create fake, insecure endpoints that lead hackers again into a controlled environment where malware can be run with no risk to the actual servers. Showing vulnerability and hosting malware can lower the chance a hacker will end up on a real system.

The most proactive response to an attack relies on early detection. When malware is detected quickly, it can be isolated or deleted to prevent attackers from scanning networks for other credentials, spreading malware to other computers, or finding sensitive information. If a hacker gets by the traps, the network must be configured to monitor for unusual network activity and to frequently scan hardware for malware. Accurate logging of information within an IoT application can also make it easier to track strange behavior—without logging, it becomes impossible to know what happens within a system, and early detection becomes more difficult.

A strong questioning attitude is also a key part of a proactive response—workers and users should feel empowered to ask questions and report odd behavior from applications and hardware. New applications suddenly installed, strange emails from unknown persons, and login records at incorrect times hint at abnormal activity that should be reported and investigated.
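As an added illustration (not code from Exosite or from the white paper), the sketch below scans authentication log lines for two of the signals described above: any use of the decoy employee account and successful logins outside a user's normal hours. The log format, the account name `svc-decoy-admin`, and the baseline hours are assumptions made for the example.

```python
from datetime import datetime

# Constructed sample events (not from a real system).
# Assumed line format: "ISO-timestamp user source-ip result"
SAMPLE_LOG = """\
2017-07-18T09:12:44 alice 10.0.4.21 success
2017-07-18T13:40:02 bob 10.0.4.35 success
2017-07-19T02:57:10 alice 203.0.113.50 success
2017-07-19T03:01:33 svc-decoy-admin 203.0.113.50 success
2017-07-19T03:02:05 svc-decoy-admin 203.0.113.50 failure
2017-07-19T10:15:00 bob 10.0.4.35 success
malformed line without enough fields
"""
DECOY_ACCOUNTS = {"svc-decoy-admin"}             # hypothetical decoy account name
WORK_HOURS = {"alice": (7, 19), "bob": (7, 19)}  # assumed baseline: [start, end) hour

def parse_line(line):
    """Return (timestamp, user, source, result), or None if the line is unparseable."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return ts, parts[1], parts[2], parts[3]

def find_alerts(log_text):
    """Return (alerts, skipped): alerts are (reason, user, source, timestamp) tuples."""
    alerts, skipped = [], 0
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is None:
            skipped += 1  # counted, not silently dropped: logging gaps hide activity
            continue
        ts, user, source, result = event
        if user in DECOY_ACCOUNTS:
            # No real person owns this account, so even a failed attempt is a signal.
            alerts.append(("decoy-account-used", user, source, ts))
        elif result == "success":
            start, end = WORK_HOURS.get(user, (0, 24))  # no baseline: never flagged
            if not start <= ts.hour < end:
                alerts.append(("off-hours-login", user, source, ts))
    return alerts, skipped

if __name__ == "__main__":
    found, skipped = find_alerts(SAMPLE_LOG)
    for reason, user, source, ts in found:
        print(f"{ts.isoformat()} {reason} user={user} src={source}")
    print(f"unparseable lines: {skipped}")
```

Decoy-account alerts need no baseline or tuning, which is why they make a useful early-detection signal alongside noisier checks such as off-hours logins.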

Download our full Best Practices to Build a Pragmatic Security Strategy for Industrial IoT white paper for more information. If you’d like to get a free account on one of the best IoT platforms for security, sign up now.