Life With Ripple20: How To Harden Deployed IoT Devices?
Ripple20 vulnerability patches are just a drop on the hot stone due to supply chain dissemination. Connected IoT devices need an integrated cybersecurity function that works vendor-agnostic
By: Rhebo GmbH
The cybersecurity experts at research lab JSOF speak of supply chain dissemination and warn: »Over time, the original library component could become virtually unrecognizable.«
The JSOF researchers therefore recommend deep packet inspection technology to detect and block anomalous IP behaviour of IoT devices. These functions are covered by Rhebo IoT Device Protection (https://rhebo.com/
We'll Have To Live with Ripple20
IoT devices are notorious for their lack of cybersecurity. Many vulnerabilities are programmed deep into the code base. Shall all IoT devices be redesigned from scratch? Of course, this is completely unrealistic. It would also not be effective. Currently, hundreds of millions of IoT devices are already in use. Every new development leaves gaps, there will never be a 100% secure IoT device. What is realistic is a cybersecurity approach that works independently of the IoT technologies in use.
IoT Cybersecurity Needs To Be Vendor-Agnostic
This cybersecurity approach integrates cybersecurity on all IoT devices and is tailored to their properties. The solution to this is called Rhebo IoT Device Protection. It actively learns new threats, hence is not limited to known threat signatures. Instead, it also filters for actions that do not fit into the actual behavioural pattern of the device. For example, a large part of the exploits of Ripple20 resemble communication processes that appear legitimate to firewalls. In addition to signatures, Rhebo IoT Device Protection therefore also detects, blocks and reports anomalous behaviour. The solution is integrated directly on the IoT device to act locally and protect the rest of the fleet of connected IoT devices globally. This is even more important in IoT networks where connected devices run on identical technology.
For more information on Rhebo IoT Protection: https://rhebo.com/