IoT Application Security

How You Can Protect Apps that Run IoT Devices Almost Instantly

On October 21, 2016, Twitter, Spotify, the New York Times, Netflix and other high-profile brands simultaneously became inaccessible on the internet. Dyn, the company that maintains the web address directories of these and some other well-known companies, saw the most extensive Distributed Denial of Service (DDoS) cyber attack ever witnessed.

Hundreds of thousands of home devices connected to the internet sent billions of data packets to knock out the registry called the Domain Name System (DNS). Most of the IoT devices involved were either poorly password-protected or completely unguarded: smart meters, smart cameras, smart watches, smart TVs, intelligent coffee makers and more. Hangzhou Xiongmai Technology manufactured many of the internet-connected machines.

The damage the incident caused to Xiongmai’s reputation was incalculable.

Billions of Vulnerabilities and Counting

With the number of Internet of Things (IoT) devices fast approaching the number of human beings on Earth (9 billion and counting), the number of entry points for hackers to infiltrate networks at home, on the road, and in workplaces is expanding at an exponential pace.

Another weak link in the IoT chain is the apps on smartphones and tablet computers that control IoT devices. The apps that vendors provide to IoT users rely on binary libraries that enable smart machines to control IoT devices remotely.

Hackers are well aware of the vulnerabilities on smartphones and tablets. They target malware at the apps to take over smart devices. Vendors are as remiss in protecting the apps consumers use as they are in protecting IoT products.

The Benefits of RASP

RASP (Runtime Application Self-Protection) can protect smart and IoT devices in ways that conventional antivirus solutions cannot. Traditional security approaches are only as useful as antivirus makers’ awareness of threats that the cybersecurity industry has published. RASP, however, protects one of the most critical parts of a device – its apps – whether or not it knows the designation of a cyber threat.

  • Quickly release protected apps, without affecting the development timeline
  • Unchanged user experience – users won’t even notice it’s there
  • Prevent attacks that occur while apps are running
  • Block unauthorized access to devices
  • Protect against changes to application programming code that subvert equipment
  • Guard against reverse engineering of software to discover vulnerabilities
  • Avoid damage to vendor brand and reputation due to cyber intrusions
  • Protect against intellectual property theft

Promon SHIELD™ actively defends applications and more

Promon SHIELD™ is a set of tightly integrated cybersecurity tools that work at the application level. Some of the functionality Promon SHIELD™ includes:

Runtime Application Self-Protection (RASP) is a security technology that is built or linked into an application or application runtime environment. When the RASP software sees that malware is changing the permissions attached to an application, RASP will modify the activity of the application to ensure the attack is not successful.

Whitebox cryptography dissolves keys into the programming code and obscures algorithms, even at runtime. The technique keeps keys safe even when an attacker has complete access to the device on which the cryptographic functions are executing.

Privilege escalation detection alerts app custodians when malware has compromised a device’s operating system at the root level. This form of systems subversion is called jailbreaking or rooting.

Additionally, Integrity Checks can detect whether malware has altered an application. Integrity checks use validations like checksums to ensure apps are secure. They also audit the inventory of libraries and calls included in the software.

Device binding securely links an authorized user to their device(s). It is crucial for preventing the cloning or repurposing of cryptographic keys.

Anti-debugging and emulation detection can identify ongoing attacks on a device. It also protects against the use of debug tools that reverse-engineer applications.

The brave new world of IoT promises device makers and consumers seemingly endless opportunities for productivity and diversion. Promon SHIELD™ can help protect that promise.