The Airwall Promise: IIoT Invisibility and More

Greg Ness

Chief Marketing Officer

Wednesday, November 27, 2019

The benefits of digitization are driving organizations to connect billions of OT devices to the internet, destroying the air gap that once protected them. Even worse, new attack vectors are...

A Step-by-Step Guide to Securing Biomedical devices in Hospitals

Caston Thomas

President of Interworks LLC

Tuesday, November 12, 2019

The last two years have been an interesting journey for me. It started out, as a bit of an outsider, trying to solve a technical problem almost every hospital is wrestling with today, and that is how to secure biomedical devices.

It’s been a journey that has taken me from, originally, mostly a...

Did Mel Brooks Foresee the Digital Era Firewall Flaw?

Greg Ness

Chief Marketing Officer

Wednesday, October 16, 2019

Attack Vectors in the… Trillions?

127 new devices per second are being connected to the internet, many of them insecure by design, creating a global hacker’s superhighway. I discussed this in more detail in The Digital Cyber Security Paradox:

In 5 years there will be 75 billion devices connected to the internet, perhaps a few billion insecure and unpatchable. An estimated 2 billion run VxWorks and perhaps a couple hundred million of those will not be patched in any reasonable length of time. - Archimedius

[Here is a great collection of IoT connectivity and market size stats from Cisco, Gartner, etc. on various aspects of the Saganesque “billions and billions” IoT estimates.]

OOPS, We’ve Gone Global

While everyone is focused on the massive, unprecedented growth in the IoT attack surface, the bigger, more lethal problem is the exponential increase in attack vectors, which enable lateral movement around firewalls. This flaw is the bigger reality buried deep inside the WannaCry/NotPetya “oops, we’ve gone global” cyberattack, when IIoT targets in Ukraine were unintended backdoors into the UK health system, Maersk and FedEx. It’s also the hidden byline underneath recent waves of ransomware outbreaks and our growing digital-age cybersecurity malaise.

The Maginot Line, when lateral movement trumped massive security investments.

“Based on France's experience with trench warfare during World War I, the massive Maginot Line was built in the run-up to World War II... French military experts extolled the Line as a work of genius… The line has since become a metaphor for expensive efforts that offer a false sense of security.” - Wikipedia

The Maginot Line was built on the assumption that the next French war would be fought with the technology of the last one. When the Germans quickly and easily conquered France, they did it by simply going around the Line.

Most firewalls deployed today were architected in the 1990s, when there was only one way into a network. Today there are trillions of attack vectors, and the number is growing.

Old Architectures versus New Realities

Deploy a firewall in front of each device or for each vector? That would bankrupt most organizations, if they could find enough skilled security pros to manage them. So we have a new digital era problem: how do old architectures address new realities? They can’t.

A few weeks ago this came up on theCUBE, recorded after Gabe Lowy published his thought-provoking paper: Securing Critical Infrastructure Against Cyberattack. I talked about how “we don’t even have the semblance of a Maginot Line when it comes to IIoT infrastructures.” At the close of IIoT and Cybersecurity: Apocalypse Now or Later, John calls the IIoT vector problem “one of the most important stories in the tech industry in a long, long time…” I think he’s right.

Perhaps Mel Brooks saw this futile digital age scenario coming decades ago.