Keeping devices in check

Issue 7 2022 Cyber Security, Asset Management, EAS, RFID, IT infrastructure

Kaspersky’s latest invention is intended for logically linking various electronic devices into a single network around the account of the owner and identifying similarities between device configurations. The technology will help to prevent any user devices from becoming a vector of attack against another device or user data, and will inform them if their configuration is insecure.

According to Deloitte, the number of electronic devices with a network interface belonging to the same household or user has doubled in only the last three years. The similar growth, however, can be also observed in the attacks targeting IoT devices. This situation provokes the need for technologies that will ensure the security of various and mutual Internet-connected devices and their owners.

A single smart home usually consists of a number of devices, including home appliances and wearables with different security integration capabilities, code vulnerabilities and patch timing. So today, to keep a home safe from cyberattacks, an owner of all these devices must dedicate special attention to ensuring regular device patching, or configuring a secure device network that isolates insecure gadgets from others.

The patent ‘System and Method for Analysing Relationships Between Clusters of Electronic Devices to Counter Cyberattacks’, issued by the US Patent and Trademark Office, provides a new method of facilitating cybersecurity management of IoT devices. It allows users to detect every gadget belonging to the same network environment and to correlate them with similar networks for further identifying actual or potential cybersecurity gaps. Thus, if any device in the user’s network is insecure and has already been an attack vector, or if a similarly configured network has been compromised, the technology will detect it and warn the user or security solution about the possible danger.

While conventional linking technologies rely on data which can be removed (such as cookies) or on heuristics having inadequate accuracy, the Kaspersky invention offers reliable and long-lasting linkage of devices, relating them to a profile and operatively responding to a change in the user profile.

The patented technology also ensures attribution of an unknown device to a cluster of devices. The method implies the defining of relationships between the gadget and its environment/surroundings, and further applies the discovered patterns for attributing other devices into the same cluster. A relationship between the devices is determined using the computed similarity metric. This technology is intended to help cybersecurity solutions analyse connected devices to further understand if specific devices or their particular configuration pose any risks, and also offers the kind of protection needed and provides it.

“The technologies of linking devices are mostly used in marketing for learning consumer behaviour. But as a cybersecurity company, we saw that this functionality has a large potential in addressing the current challenges of connected device protection,” says Dmitry Ivanov, inventor of the technology and intellectual property specialist at Kaspersky. “Although the patented technology is not yet implemented into Kaspersky solutions, we are exploring possible ways for its application to make sure that it will advance IoT security to a new level.”

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Industrial control systems under attack
News Cyber Security
According to Kaspersky ICS CERT statistics, from January to September 2022, 38% of computers in the industrial control systems (ICS) environment in the META region were attacked using multiple means.

Deposita's Digitisor SmartPOS devices can grow your business
Deposita Financial (Industry) Asset Management, EAS, RFID
The Digitisor N910 Pro and N700 SmartPOS devices are suited for SMME retailers and suppliers looking to enhance their customer payment experience.

OSINT: A new dimension in cybersecurity
Cyber Security
The ancient Chinese strategist Sun Tzu noted, you should always try to know what the enemy knows and know more than the enemy.

Sasol ensures Zero Trust for SAP financials with bioLock
Technews Publishing Editor's Choice Cyber Security Security Services & Risk Management
Multi-factor authentication, including biometrics, for SAP Financials from realtime North America prevents financial compliance avoidance for Sasol.

Hytera and KZN Police Service roll out digital call handling system
Government and Parastatal (Industry) Asset Management, EAS, RFID Integrated Solutions
Hytera Communications announced that the municipality of Ray Nkonyeni in the KwaZulu-Natal province of South Africa is now using its digital call handling system for the reporting and recording of crimes.

Smart parking management platform
Access Control & Identity Management Asset Management, EAS, RFID
Parket builds a seamless bridge between supply and the ever-increasing, but fluid – and often temporary – demand for parking bays.

Building a holistic application security process
Altron Arrow Cyber Security
Altron Arrow asks what it means to build a holistic AppSec process. Learn what’s involved in a holistic approach and how to get started.

Managing data privacy concerns when moving to the cloud
Cyber Security
While the cloud offers many business benefits, it can also raise concerns around compliance, and some organisations have taken the approach of staying out of the cloud for this reason.

Accelerating your Zero Trust journey in manufacturing
IT infrastructure Cyber Security Industrial (Industry)
Francois van Hirtum, CTO of Obscure Technologies, advises manufacturers on a strategic approach to safeguarding their businesses against cyber breaches.

The democratisation of threats
Cyber Security
Bugcrowd looks at some of the primary vulnerabilities the world faced in 2021, and the risks moving forward with growing attack surfaces and lucrative returns on crime.