Exploring The IoT Attack Surface

Jeff Pollard

Merritt Maxim and I just published our research on the IoT Attack Surface. This report gives a realistic, but not sensationalized, view of how enterprises need to think about IoT. Three factors motivated our research for this topic - attacks on IoT will transcend the digital-physical divide, the sheer scale of IoT will challenge security teams, and IoT devices collect massive amounts of data.

The following methodology allowed us to hone in on concrete enterprise scenarios:

  • We went for offense first. We started by interviewing prominent security researchers that spend their days thinking about how to attack IoT devices and systems. Our outside in approach allowed us to develop a threat model for intrusions, as well as identify weak points in the defenses of IoT makers, users, and operators.
  • We explored the ramifications of an attack. We wanted to understand what an attacker would - or could - do when successful. We also wanted to understand the amount of friction that existed for whatever came next - credential harvesting, persistence, or disrupting operations.
  • We examined existing security practices to understand what works, and what doesn't when defending IoT devices. This step highlighted that while IoT is different, defending IoT looks similar to other security problems S&R pros have dealt with. You can bring security lessons forward and apply them to IoT without having to learn them all over again.
Read more

Introducing The Forrester Wave™: Digital Risk Monitoring, Q3 2016

Nick Hayes

We recently published our Forrester Wave™: Digital Risk Monitoring, Q3 2016 report. We evaluate nine of the top vendors in this emerging market that offer solutions to continuously monitor “digital” -- i.e., social, mobile, web, and dark web -- channels to detect, prevent, and mitigate any type of risk event posing a threat to organizations today.

 

Why now

It’s almost 2017 and yet companies are more exposed and less equipped to handle the slew of risks that run rampant across countless digital channels today. Digital risk monitoring (DRM) solutions are increasingly valuable for organizations because:

  • Digital channels are now ground zero for cyber, brand, and even physical attacks. Cybercriminals use a variety of tactics to weaponize social media, impersonate or embed malware into mobile apps, deface websites, collude in dark channels, and cause financial, reputational, or physical harm. Digital risk monitoring tools combat these methods by deploying a variety of data-gathering and advanced risk analysis techniques. They aggregate data via open-source intelligence (OSINT), technical intelligence (TECHINT), human intelligence (HUMINT), and even covert human intelligence (CHIS). Then they analyze the collected data with data classifiers, machine learning, and risk scoring algorithms to determine the most likely and most threatening risk events in a quick and efficient manner.
Read more

Facebook, LinkedIn, Twitter: The New Cyberweapons Of Choice

Nick Hayes

New social media scams and marketing #fails are common fodder for water cooler banter today – even a recent episode of HBO’s Veep ran a joke where the President blames a Chinese cyberattack for sending an ill-advised tweet.

But social media cybersecurity issues are far from a laughing matter, and it’s time we all take notice. Our new report Four Ways Cybercriminals Exploit Social Media proves this.

Poor social media security practices put you, your brand, your customers, your executives, and your entire organization at serious risk. According to Cisco, Facebook scams were the most common form of malware distributed in 2015, and in its most recent annual internet crime report, the FBI highlighted that social media-related events had quadrupled over the past five years. Social media is also increasingly an effective tool for terrorist groups like ISIS, even as Twitter and other social networks work around the clock to remove associated accounts.

Read more