Story image

Fujitsu Labs takes network control approach IoT security

29 May 18

Fujitsu Technologies has developed a new kind of network control technology that is able to secure IoT devices installed in the field.

According to the company, it technology analyses and manages interconnectivity between IoT devices and network devices, based on operating information collected in gateways.

This responds to changes in network structure so it can spot IoT devices that may be behaving in a suspicious way.

Fujitsu Laboratories also developed the technology so that can control communication blocks. The technology can be used in cases where an IoT device is infected in malware and started to attack other devices. The technology can detect that communication by comparing ordinary communication routes through a gateway with the actual routes.

A statement from Fujitsu Laboratories says that IoT adoption has been increasing in many industrial fields, particularly as sensors and manufacturing equipment become connected to networks.

IoT devices have also been damaged by malware attacks worldwide, which has created an urgent need for security countermeasures in IoT devices.

“In many cases, however, IoT devices do not support antivirus software due to CPU, memory, or OS restrictions, and even if antivirus software is deployed, often software updates that require the device to be rebooted are not executed as the IoT device cannot be stopped while in operation. Due to these factors, the current situation is that many IoT devices are operating with insufficient security measures.”

While some vendors have suggested using gateways to separate IoT networks from other networks, however cyber attacks don’t necessarily need to use gateways. If a device is infected with malware and connected inside the network, it’s not possible to protect them from cyber attacks, Fujitsu Laboratories says.

The company approached IoT security from a network topology viewpoint, in which technology can “collect operating information about IoT devices and network devices from gateway devices, deduce the topology of the network the IoT devices are connected to, and appropriately control the network devices based on this information”.

The company tested the technology using a fake malware variant and found that its technology could minimize the impact of cyber attacks when it is installed in gateways.

“With this technology, it will be possible to provide secure operations using existing setups, without exchanging or deploying new IoT devices with security countermeasures in sites such as factories, which require the continued operation of production equipment with long service lifespans.”

Fujitsu Laboratories says it plans to commercialize the technology during fiscal 2018 as gateway functionality for the Fujitsu Network Virtuora series of network products. The company will also continue to develop the technology.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.