Vital Signs: Why Service Monitoring is a Key Step in Effective IoT Cybersecurity

The last few years have seen a boom in the number of connected devices being used across the globe. There are now billions of devices live, collecting data and streamlining processes. Everything from your TV to your office is ‘smart’ these days and the trend is set to continue in the post-COVID world as working habits change.

It's not just about regulating office temperature or your Alexa smart speaker; we are seeing a number of use cases for IoT in critical infrastructure, with large parts of the electricity grid, from wind turbines to smart meters, now controlled remotely via IoT.

This makes the stakes incredibly high from a security standpoint. For a cyber-criminal, the payback from taking down a nation’s power grid is huge. The ramifications would be enormous – imagine hospitals having to operate without power, or the damage to the economy from taking power offline for even a day.

For IoT service providers in all markets, spotting which devices aren’t behaving as they should and effectively managing software patching becomes a serious challenge as they grow. Service Monitoring is a key tool to address this problem, and we can consider its role as similar to that of a medical professional, acting both proactively and reactively to treat a patient (your connected device estate).

When Smart Devices Turn Bad

With the rapid development of IoT and the sheer volume of code needed to run and support connected devices, there are bound to be vulnerabilities. Indeed, we have already seen highly effective cyber-attacks on IoT devices, such as 2016’s Mirai botnet DDoS attack. IoT has developed a reputation for being somewhat insecure.

This isn’t an unfounded viewpoint. In the early stages of widespread adoption, there are always teething problems with tech as vendors look to take advantage of high demand, with security perhaps not the top priority at every stage of development, as it should be.

Effective cybersecurity is not a one-off action; it's a continuous process. There's plenty to be done up-front during the R&D phase of a product, but it certainly doesn't end there.

Once in the field, any product is likely to experience new vulnerabilities – particularly in any custom code that it is running, such as its application. To catch these cases, it is necessary to have some kind of process capable of detecting that the product has been compromised – and Service Monitoring has a big role to play in this.

Effective Diagnosis and Treatment

In a security setting, Service Monitoring technology acts as a medical professional, in both a reactive and proactive way, by keeping an eye on your entire estate of devices.

Proactively, it monitors the ‘vital signs’ of connected devices. Much in the same way a doctor will periodically check breathing, heart rate, blood pressure and temperature for any signs of an impending problem, Service Monitoring is able to monitor your devices for their general health.

Then, once a potential problem has been detected, either by Service Monitoring or by another mechanism, it can use those same vital signs to "triage" the problem and take the first steps towards diagnosis and treatment.

Vital sign metrics such as "total bytes sent/received per day" or "battery usage per day" are key indicators of the overall health of a device. Much in the same way that a rapid rise in temperature or heart rate in a human indicates a problem, if these metrics suddenly increase in a device, then it can be a sign that it has been compromised, particularly if the change starts to affect multiple devices across the estate. A virus spreading from device to device will change how the device is communicating, and how much power it is using.
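The check described above can be sketched in a few lines. This is an added example, not code from the article or from any monitoring product: the device names and telemetry are constructed, and the median/MAD scoring, the 6.0 threshold and the 30% fleet fraction are assumptions chosen for illustration.

```python
from statistics import median

METRICS = ("bytes_per_day", "battery_pct_per_day")

# Constructed sample telemetry: device -> daily (bytes, battery %) readings,
# oldest first; the last reading is the day being evaluated.
HISTORY = {
    "meter-001": [(5200, 2.1), (5100, 2.0), (5350, 2.2), (5000, 2.0),
                  (5250, 2.1), (5150, 2.1), (5300, 2.0), (48000, 6.5)],
    "meter-002": [(4800, 1.9), (4900, 2.0), (4700, 1.9), (4850, 2.0),
                  (4750, 1.9), (4950, 2.0), (4800, 1.9), (51000, 7.0)],
    "meter-003": [(6100, 3.0), (6000, 3.1), (6200, 2.9), (5900, 3.0),
                  (6050, 3.0), (6150, 3.1), (6000, 3.0), (6300, 3.1)],
    "meter-004": [(5500, 2.5), (5600, 2.4), (5450, 2.5), (5550, 2.6),
                  (5500, 2.5), (5650, 2.5), (5400, 2.4), (5600, 2.5)],
    "meter-005": [(5000, 2.0), (5100, 2.1), (5050, 2.0)],  # newly enrolled
}

def robust_score(baseline, value):
    """Distance of value above the baseline median, in scaled-MAD units."""
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline)
    # Floor the scale at 5% of the median so a flat baseline cannot
    # turn ordinary jitter into an enormous score.
    scale = max(1.4826 * mad, 0.05 * abs(med), 1e-9)
    return (value - med) / scale

def flag_devices(history, threshold=6.0, min_baseline_days=5):
    """Return {device: [metrics that rose sharply]}, plus devices scored."""
    flagged, scored = {}, 0
    for device, days in history.items():
        *baseline, today = days
        if len(baseline) < min_baseline_days:
            continue  # not enough history to judge; do not guess
        scored += 1
        hits = [name for i, name in enumerate(METRICS)
                if robust_score([d[i] for d in baseline], today[i]) > threshold]
        if hits:
            flagged[device] = hits
    return flagged, scored

def triage(history, fleet_fraction=0.3):
    """Escalate when the same rise shows up across a share of the estate."""
    flagged, scored = flag_devices(history)
    if not flagged:
        severity = "none"
    elif scored and len(flagged) / scored >= fleet_fraction:
        severity = "fleet"
    else:
        severity = "device"
    return {"severity": severity, "flagged": flagged}
```

Calling `triage(HISTORY)` on the sample data reports a fleet-level event, because two of the four devices with enough history show the same jump in both traffic and battery use.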

Service Monitoring also plays a crucial role in proactive IoT security, administering potentially device-saving patches and firmware updates in a similar way to a doctor prescribing medicine to a patient. Having so many remote devices poses a real challenge for IoT security – it would take a huge effort to manually check devices are running the latest firmware and to reset devices after an update, particularly those devices that are difficult to physically access, such as offshore wind turbines. Service Monitoring is able to track and administer patches remotely, consistently and quickly.

Getting the Basics Right First

Both the reactive and proactive security benefits of Service Monitoring are crucial to securing estates of connected devices. Without this first line of defense, triaging devices that might have been breached and administering vital patches becomes incredibly difficult, particularly if you are dealing with thousands or millions of devices, as many service providers are.

With connected devices now controlling swathes of processes across personal, business and infrastructure settings, the stakes couldn’t be higher. As society increasingly moves to remote methods of working in the wake of COVID-19, this will only become more pronounced as IoT takes on more of the heavy lifting. Huge sections of our infrastructure will come to rely on IoT over the next few years, so it is vital that we get security in good shape right now, and lay a solid foundation for a secure Internet of Things. Service Monitoring is that foundation.