Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

When everything is “smart”, everything is vulnerable

By Guest

It seems that every day brings a new gee-whiz innovation to consumer technology: smart walls are the latest example setting tech blogs abuzz with speculation. The promise of smart walls is certainly interesting: a sensor built into any wall that turns it into a giant touchpad, capable of receiving commands to operate other “smart” areas of your home. One can easily imagine a future where such technologies infuse our homes, cars and businesses, automating the mundanities of daily life in ways we could scarcely have imagined a few years ago. The Internet of Things will increasingly be folded into the fabric of our reality. Life will be more convenient than ever before. But…

… we’ll also be a more vulnerable society than ever before.

Having a car, home or appliance that connects to the internet has many benefits, but it also exposes them to the same risks that your computers and phones already deal with: malware, spyware and hacking. The consequences could range from the merely annoying (a script that causes the lights in your home to flicker on and off) to the dangerous (a car hacked to lose control on the highway). These aren’t even hypothetical: numerous research projects demonstrate that the possibility is already real. Everything is hackable, but the present trend of rapid innovation means that developers of new technologies are often more focused on getting their ideas to market as soon as possible, rather than on getting them there secure.

Fortunately, logical security solutions are already adapting to anticipate and react to new threats before they can emerge. Merely detecting a problem and then patching/fixing it will hardly cut it in the situations described above?—?new security protocols must be proactive in nature, stopping attacks before they can begin. Moving Target Defense, or MTD, is an exciting development in this space, offering a new approach to data protection that eschews traditional infrastructure-based methods of “detect and quarantine” in favor of utilizing techniques such as system randomization, dynamic networking, and dynamic compilation to create an adaptable defense layer that swiftly renders moot almost any given method of attack.

MTD is one of several sophisticated solutions to a problem that grows ever more complex as more of our daily technologies depend on the cloud. But how do you keep your systems safe without having to learn the increasingly complicated ins-and-outs of modern logical security? After all, you don’t want to be in the security business just to run your own business. This is where automation comes in, keeping your environment secure and updated around-the-clock without any extra overhead (or headache) on your part. Significant strides have been made in automating secure cloud environments, prompting more and more businesses to manage their data in stress-tested and compliance-audited cloud services such as Azure, rather than reinventing the security wheel by themselves.

Technologies such as MTD are not passing trends designed to generate more clicks on security blogs. As cybersecurity predictions in 2018 promise more sophisticated logical threats from, for example, AI-powered and state-sponsored networks, they will prove fundamental in keeping our data secure. It’s an unfortunate truth of the industry that logical security is locked in an endlessly escalating arms race with attackers, as each hopes to stay ahead of the other by leveraging the innovations of the day. Which means that whether you’re a consumer or an entrepreneur, you should ask yourself: are you moving to get ahead of these new threats, or are you standing still?

Interested in learning more?

Be the first to hear about the latest product releases and cybersecurity news.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.