>> IoT SECURITY - ARE WE GOING ABOUT IT THE WRONG WAY?
This one is for the way-out-there department but makes for interesting
published an article recently that makes a good point of questioning if
security within IoT and computing in general is being actually being
tackled appropriately - instead of implementing physical security measures,
is there a possibility to learn from biology to protect and adapt against
attacks to strengthen each node in a deployment?
While technology and biology are two completely different areas - after
reading the article and thinking about it closer, there are a lot of
interesting points raised that if implemented correctly could see a rise
in adaptable security and diversity in technology; as nature models perfectly.
As HP has
reported previously up to 70% of IoT devices are vulnerable, the main
reason for this is the lack of diversity and common 0-day attacks being
exploited across multiple devices, including the likes of shellshock,
heartbleed and blatant lack of security in the first place.
The article also covers the concept of immunological defence that
can be adapted for use within technology - that threats are identified
based on behavioral factors rather than a database of known signatures
that are effectively out of date the second the product ships.
Once an alarm has been triggered the system must respond to the threat -
taking the immune style approach; the node could resolve the threat and
take one for the team yet at the same time alert neighbouring nodes of
the threat to assist isolation of the threat and spawn a redundant node to
replace the functions performed by the infected one.
The basic gist is to start out expected to be attacked and focus on
protecting the health of the total system understanding a small
sacrifice (with learning and fall back concepts) may be the best for
the greater good overall - the concept is food for thought for sure.