CyberSecurity early detection

Watchdogs and Cybersecurity Threats

Watchdogs traditionally gather information about wrongdoings. Ours are small software programs that watch systems and inform the public so that people understand what is happening. Think of a wearable gadget that monitors your heart rate while you are running. Maybe it only logs your records, perhaps it beeps, or it passes the data to another device. We use the same principle. Our watchdogs try to find security alerts in IOT expert communities.

Watchdogs and the Internet of Things

A Watchdog is based on a continuous search job for reported vulnerabilities and CyberSecurity alarms. Automated search requests take over the search for vulnerabilities. They search forums and company websites. Vulnerabilities are not uncommon and cannot really be ruled out. They occur again and again because software is always evolving. It is important to identify vulnerabilities in time, then develop the appropriate improvements (patches) and install them quickly. In the second and third steps, the normal user is dependent on knowing in the first place that he has to take action himself. Smartphones and PCs offer automatic updates. But for smart home devices, this process is rather unfamiliar. Normal users usually consider a WiFi radio as a radio and do not realize that software also plays a role here that needs to be updated.

An IIOT watchdog monitors vulnerabilities in the Industrial Internet of Things (IIOT) environment. These are simple smart home components (IOT) and components that control industrial machines.

How does an IIOT watchdog work?

An IOT (or IIOT) Watchdog is dedicated to security in the interest of consumer protection. Specifically, it monitors manufacturer portals and forums that write about and evaluate technical gaps in the smart home (this would refer to the classical Internet of Things). Let's say hackers compromise the Amazon Echo Show 8. It's time to understand the impact and act accordingly. Is it just a minor bug that doesn't cause any risk, or is it a severe attack, and you need to take your devices down immediately?

A watchdog can never prevent hardware and software from being compromised, but it gives you valuable time to respond. Now think about a water supply system for a small town or a small production facility. With digitization moving on, these traditionally siloed tech stacks become exposed to cybersecurity attacks. Large plants probably have state-of-the-art protection in place, but many companies don't update their policies and protection routines immediately. As of February 2021, many thousands of companies are still exposed to the SolarWinds hack. That results in massive risk for the company and society.

The IIOT Watchdog listens to search feeds and monitors vendor initiatives and white hat forums. Exactly who is behind the account sensor can be answered in several dimensions: independent technical editors are responsible for monitoring the components. Of these, there are thousands who publish their findings. Among them are manufacturer blogs, technical publishers, but also hacker forums.   

We monitor these account sensor reports via specialized software. This is an essentially automated process, similar to the analysis of RSS feeds. As soon as a reference to a software/hardware component relevant to our plans appears, a human carries out the more detailed examination for content quality and relevance.
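The feed-matching step described above, as an added example that is not the watchdog's own code: it parses an RSS feed, flags new items that mention a watched component, and hands them to a human review queue. The feed content, the watchlist and the function names are constructed for illustration; the device names come from this article.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample feed (not real advisories), standing in for a vendor or forum RSS feed.
SAMPLE_RSS = """<rss version="2.0"><channel><title>Constructed feed</title>
<item><guid>a1</guid><title>Patch released for Echo Show 8 firmware</title>
<link>https://example.invalid/a1</link><description>Update now.</description></item>
<item><guid>a2</guid><title>Conference recap</title>
<link>https://example.invalid/a2</link><description>No product news.</description></item>
<item><title>Forum thread: my Wi-Fi radio never gets updates</title>
<link>https://example.invalid/a3</link></item>
<item><guid>a4</guid><title>Echo Show 80 stand review</title>
<link>https://example.invalid/a4</link></item>
</channel></rss>"""

# Hypothetical watchlist: component -> phrases to look for.
WATCHLIST = {"Amazon Echo Show 8": ["echo show 8"],
             "WiFi radio": ["wifi radio", "wi-fi radio"]}

def parse_items(xml_text):
    """Return feed items as dicts; refuse DTDs because feeds are untrusted input."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("feed contains a DTD/entity declaration; not parsing")
    items = []
    for item in ET.fromstring(xml_text).iter("item"):
        get = lambda tag: (item.findtext(tag) or "").strip()
        items.append({"id": get("guid") or get("link"), "title": get("title"),
                      "link": get("link"), "text": get("description")})
    return items

def scan(xml_text, watchlist, seen):
    """Return new items that mention a watched component, for human review."""
    queue = []
    for it in parse_items(xml_text):
        if not it["id"] or it["id"] in seen:
            continue  # already handled on an earlier poll, or unidentifiable
        seen.add(it["id"])
        haystack = f'{it["title"]} {it["text"]}'
        # Whole-phrase match, so "Echo Show 80" does not trigger "echo show 8".
        hits = [name for name, phrases in watchlist.items()
                if any(re.search(rf"(?<!\w){re.escape(p)}(?!\w)", haystack, re.I)
                       for p in phrases)]
        if hits:
            queue.append({"components": hits, "title": it["title"], "link": it["link"]})
    return queue

if __name__ == "__main__":
    for entry in scan(SAMPLE_RSS, WATCHLIST, set()):
        print(entry["components"], entry["title"], entry["link"])
```

Passing the same `seen` set on every poll keeps an item from being queued twice; in a long-running job that set would need to be persisted between runs.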

IOT Security Scans

Why are Overexposure and Corporate Blogging problems?

The biggest weak point, however, is people. According to Kaspersky Lab, 30 percent of all employees click on everything. With that in mind, we expect to be hacked, prepare for it, and set up corresponding routines.

Mandatory updates for devices and software are just as necessary as consistent user training. If a capable attacker really sets his mind to it, he will get into your system. There are always vulnerabilities. New patches create new vulnerabilities. Meanwhile, there are vulnerabilities in hardware. The only solution then is often to throw the product away.

The best defense strategy is the one that assumes that someone wants to break into the system and will succeed. So we have to constantly look for intruders, find them, and throw them out of the system.