BLACK HAT and DEF CON, LAS VEGAS, August 7 2015—Things, end points and the Internet are converging into what should be given a new term to embrace them all. I suggest calling this convergence the Internet of Interconnected Technologies or IIT.
According to the SIEM, analytics and intelligence-type vendors, the end point is no longer just a laptop or mobile device with direct user interface. Now they consider severs, routers and switches, firewalls and VPNs, and anything else with a communication port hanging off of it, along with their applications, an end point.
So that means that mobile phones are now end points. Researchers at Black Hat released new methods for advancing what were only formerly lame attacks against apple iOs; while other researchers showed new methods to break into Androids.
It also means that servers are end points, such as DNS servers and their keys and certificates, which are ill managed and a gold mine for hackers to find and manipulate as demonstrated by researchers and vendors at Black Hat.
This also turns smart cars into end points. At Black Hat, researchers Charlie Miller and Chris Valasek repeated their remote control hack that led to the recall of 14 million Jeep Cherokees. Then at DEF CON (directly following Black Hat this weekend at Paris and Bally’s), the Jeep and a Tesla were both on the show floor exhibited as new end points to hack. These end points are now hosting numerous IP addresses to support multiple smart apps that can be targeted.
Then, toss in systems spinning up in the public cloud as virtual end points with rich applications that are of interest to attackers and it’s easy to get overwhelmed. How do you manage all the risk presented in this IIT ecosystem where all end points are targets and all targets are end points?
This interconnectivity between hardware, software and silicon implanted everywhere raises questions like how to holistically (connectively) monitor and apply security rules, intelligence and vulnerability management across such a global, interconnected ecosystem?
It also reinvigorates the question of who is responsible for securing these end points—the manufacturers, the users or both? And who builds that security and who pays for it?
With so many point solutions around (such as DNS key locator services, SIEM, threat or vulnerability intelligence, and so on), it’s going to be a long haul before any ‘big picture’ solutions reveal themselves.
It seems impossibly complex, but one can hope, after mingling with 16,000 brilliant hacker minds, that these and new emerging complexities will be worked out.