Story image

ESET responds to security threats brought by IoT and BYOD

27 Nov 14

BYOD and the internet of things (IoT) come with new security threats and the need for more sophisticated solutions. Juraj Malcho, ESET, chief research officer, says, “We don’t buy into the buzzwords, it’s all about security.”

When it comes to IoT, Malcho says there isn’t any real security solution, short of disconnecting.

“Hackers are definitely looking into how they can exploit IoT,” says Malcho. “Take connecting your car to the web, hackers may not want to steal the car but instead be after the gadgets inside."

"Devices can be starting points when it comes to probing your network,” he says.

In the same vein, Malcho says the best security solution for BYOD is to not offer it.

At ESET, BYOD is sometimes referred to as bring your own destruction as it’s very difficult to have a secure network, he says.

“I see why people would want to use it but there are two scenarios,” he says. “Businesses can install management software such as MDM or provide corporate security devices, but this exposes you to risk. Alternatively you can let a user install their own security, but with this there is a higher chance you will be breached.”

“A business could allow the device and install a MDM lockdown, but there's no point in doing this as it doesn’t make sense from an employee point of view - they’ll have their device but they won’t be able to use it,” Malcho says.

ESET has a layered security approach. When the download starts, the vulnerability shield scans network traffic. Next, content is processed and an exploit blocker checks for anomalies. The file is accessed or run, and advanced heuristics performs the DNA scan. When the file is running, an advanced memory scanner checks its memory. Finally, the ‘malware talks back’ and the botnet protection inspects the communication.

“Malware isn’t as unique nowadays,” says Malcho. “When it’s unpacked we can know what it is and we can cover it quite easily.”

"We have our own security technology," says Malcho. This includes an exploit blocker, botnet protection, advanced memory scanner, ESET LiveGrid, malware sample processing and advanced heuristics.

ESET LiveGrid is a more specific, anti-virus reputation system to help detect threats, says Malcho.

When an executable file or archive is being inspected on a user’s system it is compared against a database of white and blacklisted items.

Those found on the whitelist are considered clean and scanning performance is improved. If it's on the blacklist actions are taken to match the level of threat, and if there is no match the file is scanned thoroughly. New threat information is streamed to the ESET labs cloud.

Using the feedback, researchers build a snapshot of the nature and scope of global threats and focus on the right targets, says ESET.

At the reserarch lab, infected samples from customers, partners and distributors are analysed and processed, deciding whether the file or URL is malicious, says Malcho.

Larger businesses should be aware of what is available and what they are protecting, says Malcho. The cost of defence is relevant to the business, it all has to be taken into account.

Furthermore, the user is a big part of the security chain, says Malcho. It’s important to have best practice and raise awareness with education, he says.

"Encryption and two-factor authentication as well as best practices are things people should really consider," says Malcho. "It makes it harder for people to attack, less convenient for the hacker and more secure."

To find out more, visit the Eset website.

Share on: LinkedIn Twitter