
What? Connecting IOT Devices to my IT Network? No Way!

Keynote Presentation to the Society for Information Management (SIM)

Sandhiprakash Bhide, Visionary Leader, Strategist & Future Technologist
Previously Director of Innovation, IOT Group, Intel Corporation
Sept. 14, 2016

Agenda

1. IT network Today
2. New IOT devices that will be online
3. What about those IOT devices
4. Key network strategies to evolve to
5. Key considerations for IT
6. What would the future architectures look like?
7. Closing thoughts
Internet of Things Group

IT Perspective

IT is all about Cost/Benefit and ROI
IT is all about tangible results
IT is all about Risk Management
IT is UX, Safety, Security, Asset Protection
Any new devices added cannot violate these basic principles


Some key revelations from SecurityWeek

1. IOT devices are becoming an increasingly important part of enterprise environments, yet companies continue to fail at securing them properly, a recent report sponsored by ForeScout reveals.
2. Many devices feature vulnerable software or re-use cryptographic secrets that make them vulnerable, yet there are also those which are sold with malware embedded in them right from the start.
3. IOT devices on the network: 66% of respondents feel that 25% or fewer of the devices in the network are IoT. 85% of respondents said they aren't confident they know all devices in the network, but nearly two-thirds of them admitted to having 6-15 unique device types on their networks.
Source:
http://www.securityweek.com/iot-devices-not-properly-secured-enterprise-networks-survey, June 14, 2016

Some key revelations from SecurityWeek

4. Security Policy: 44% said they have a policy, 26% admitted they didn't know, and 30% said no such policy was in use. 33% were aware of their company's security policy covering home networks too, while 45% said that accessing the corporate network from home wasn't covered by the existing policy.
5. Device Discovery: 89% felt it's important to discover an IoT device on the network. 87% said it is important to classify IoT devices. 86% found discovering/classifying without the use of an agent to be important.
6. Securing IoT devices on the network: 30% of respondents relied on industry/manufacturer methods, such as Wi-Fi, WPA2, BT protocols. 17% said they have a password on the network, 13% didn't know and 14% weren't aware of such protection.
Source:
http://www.securityweek.com/iot-devices-not-properly-secured-enterprise-networks-survey, June 14, 2016

Man ! That is scary !!


Typical IT Network today

[Network diagram: 3/4/5G and Internet/WAN links enter through a Router and Firewall to a Switch; behind it sit the Proxy, FTP, Web, Email and DB servers on the LAN.]

Enterprise Devices on the IT Network

Desktop, Laptops, Tablets, Phones (~1.6B)

[Threat diagram: attacks arriving from the Internet at the enterprise network: Malware, Viruses, Physical, Spoofing, Denial of Service, Worm, Trojan Horse.]

Then, Consumer Devices

A recent example is the failure to secure thousands of Internet-connected printers around the world, which allowed a researcher to access them via port 9100 and to set all of them to print an anti-Semitic flier. [8]

Other office-specific devices in the offices: Lighting, HVAC, Sensors, Energy, Security Cameras, Wearables, Entertainment Devices

Today Security, Lighting, HVAC, etc. are connected through a Building Management System (BMS), but there are many issues...

Building Management Systems

[Image: building management system diagram showing Heating, Ventilating and Air-conditioning Control (HVAC), Building Automation and Control (BAC) and Variable Air Volume (VAV) components.]
Image above by: http://www.wbdg.org/resources/cybersecurity.php

Issues: Lighting, HVAC, Security

1. Different Systems for different Apps: a Problem for Integration
2. Sensing and Actuation both may not be possible
3. Lack of Finer-Grain Control
4. Lack of Individual Device-Level Control
5. Little Device Security
6. Complexity of Multiple Systems
7. Lack of Local Intelligence
8. Lack of Extensibility and Upgradeability

Interesting Note: IT and WSPs have already solved these problems for laptops, tablets, smart phones, printers, ...

Examples

1. Lighting Systems
2. HVAC Controls

3. Surveillance/Security Camera

4. Presence in conference rooms


Life with 1T sensors + 50B devices?


Most of the 50B devices will be unprotected & open to hacking! IT should be worried!!

Loss of economic value & innocence (opt-in without knowing consequences)
How many 20-page legal documents will you read?
Safety, security at risk

Manageability, Upgradeability, Security, Large Data sizes, Power, Communication, Processing, Analytics, and redundancy problems are going to explode!!

Hackers are already attacking the industrial world

Shamoon [virus] was an external attack on Saudi Oil Production (Info Security magazine, Dec. 10, 2012)
World First Cyber hijack: Was missing Malaysia flight hacked by mobile phone? (Express, March 16, 2014)
How Hackers can take control of your Car (EE Times, Jul 8, 2013)
Target hackers broke in via HVAC company (CNBC, Feb 5, 2014)
Thousands of IoT control systems vulnerable: DHS Study (Info Week, Jan 11 2013)
Attack on California substation fuels Grid Security debate (IEEE Spectrum, Feb 2014)
Hackers break into networks of 3 big medical device makers (SF Chronicle, Feb 10, 2014)
Underground copper wire heist causes San Jose freeway flood (SJ Mercury News, Feb 28, 2014)

What should be the strategy to include these new IOT devices in the architecture?

Strategy 1: Build a Wall

[Diagram: the IT network and the IOT network are kept fully separate.]

Advantages
1. Keeps away the contamination
2. Security, device management does not turn into a nightmare
3. Simpler IP addressing
4. QoS and Latency not critical
5. Easy management of rogue devices
Disadvantages
1. High cost of creating a parallel new network
2. Separate IT and Facilities Management personnel
3. Employee has no access/control
4. Operational inefficiencies

Strategy 2: Create one Ubiquitous Network

[Diagram: IT and IOT devices share a single network.]

Advantages
1. Reduced cost of deployment
2. Easier IT/Facilities management
3. IPV6 addressing
4. Employees can also have direct control over certain devices
5. Uniform policy management
6. Easier OS, analytics, profile update
7. Sensing as well as actuation
Disadvantages
1. Security vulnerabilities
2. QoS/Latency issues
3. Rogue devices creep
4. Device Volume/Management

Strategy 3: Build a hybrid Network (Gateway)

[Diagram: IOT devices sit behind a gateway that connects them to the IT network.]

Advantages
1. Phased transition of devices
2. Staggered deployment cost
3. Easier IT/Facilities management
4. Device security behind a gateway
5. Employees can also have direct control over certain devices
6. Uniform policy management
7. Easier OS, analytics, profile update
8. Sensing as well as actuation
Disadvantages
1. QoS/Latency issues
2. Device Volume/Management


There is no ideal solution. Each case is different. Implementation is defined by organizational priorities.

Issues faced when adding IOT to the IT network

1. Security: Many IOT devices do not come with security
2. Volume: 30X more devices will be added to the network
3. QoS: When there is a critical event, e.g. fire, or a water leak, how to ensure the event gets the highest priority?
4. Power: How do we power these devices? 110V, batteries, or energy harvesting?
5. Device Upgrade/Replacement: How do you upgrade (OS, analytics, profile, and Firmware) in real time? Detect when a device dies?
6. Redundancy/Failover: How do you ensure reliable operation?

Issues faced when adding IOT to the IT network

7. Manageability/Support: How to recognize/fulfill support needs?
8. Processing/Analytics: How do you define where the analytics processing occurs (end node, edge, or cloud), on-premise or off-premise?
9. Storage: Where is the data stored, what is the retention period, and should the data even be stored, or only exceptions?
10. Communication: What are the wireless protocols that make sense? Should the devices be connected over BT, Wi-Fi, or WAN? Bandwidth? Real time?
11. Data Sizes: The amount of data created is going to be humongous! What type of data is it?
12. Human Safety: What are the implications on human life?

We live in Exponential Sensor Times

IOT takes it several orders of magnitude forward

Source: Tsensors Summit, Janusz Bryzek, Roadmap for Trillion Sensor universe

Data Load on Analytics Framework

[Diagram: data pyramid from Sensors Data at the base, up through Information and Knowledge, to Wisdom at the top. Unique thing about IOT Data: it can be reduced.]

Step by Step Transition

[Diagram: building systems (HVAC, Video, Digital Signage, Lighting, Elevator, Advanced Metering, PACS) are first connected to IT through a PLC, then through a Gateway to IT and the WAN. BAS covers Fire and Life Safety (FLS), Physical Security and Access Control (PACS), Energy Management Systems (EMS), which includes Lighting Control, and Heating, Ventilation and Air Conditioning (HVAC).]

IT/IOT Architectural Ubiquity

[Diagram: HVAC, Video, Digital Signage, Lighting, Elevator, Advanced Metering and PACS (the IOT side) share the LAN/WAN with IT. BAS: Fire and Life Safety (FLS), Physical Security and Access Control (PACS), Energy Management Systems (EMS), which includes Lighting Control, Heating, Ventilation and Air Conditioning (HVAC).]

Closing Thoughts
1. Security/Human Safety Priority #1
2. Validate IOT Devices before adding them to the IT Network
3. Use phased approach to adding devices and systems
4. Define economic value/metrics/replacement cost and then monitor
5. Key Considerations: Security, Volume, QoS, Power, Device Upgrade and Replacement, Redundancy/Failover, Manageability/Support, Processing, Analytics, Storage, Communication, Data Sizes and type of Data
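Strategy 3 (IOT devices behind a gateway), Issue 3 (how a fire or water-leak event gets the highest priority) and Closing Thought 2 (validate devices before they touch the IT network) describe one gateway policy; this added example, which is not code from the presentation, shows one way to implement it. The allowlist, vendor names, firmware versions and event classes are constructed for illustration.

```python
"""Hybrid IT/IOT gateway policy: validate a device before admitting it to the IOT
zone, drop traffic from anything unvalidated, and forward life-safety events to
the IT side ahead of routine telemetry. Constructed example; all records are made up."""
import heapq
from dataclasses import dataclass

# Hypothetical allowlist of validated device types: (vendor, model) -> minimum firmware.
ALLOWLIST = {("AcmeHVAC", "T-200"): "2.1", ("LumiCo", "L-10"): "1.4"}
# Event classes ranked for forwarding; a lower number reaches IT first.
PRIORITY = {"fire": 0, "water_leak": 0, "intrusion": 1, "telemetry": 9}

@dataclass(frozen=True)
class Device:
    dev_id: str
    vendor: str
    model: str
    firmware: str

def version_ok(have: str, need: str) -> bool:
    """Compare dotted firmware versions numerically, so '2.10' >= '2.9' holds."""
    return tuple(int(p) for p in have.split(".")) >= tuple(int(p) for p in need.split("."))

def admit(dev: Device) -> str:
    """Validation at onboarding: only known types on current firmware enter the IOT zone."""
    need = ALLOWLIST.get((dev.vendor, dev.model))
    if need is None or not version_ok(dev.firmware, need):
        return "quarantine"          # unknown type or outdated firmware: treated as rogue
    return "iot-zone"

class Gateway:
    def __init__(self) -> None:
        self.zone: dict[str, str] = {}   # dev_id -> zone decided at onboarding
        self.queue: list = []            # heap of (priority, seq, dev_id, kind, payload)
        self.seq = 0                     # tie-breaker: equal priority keeps arrival order

    def onboard(self, dev: Device) -> str:
        self.zone[dev.dev_id] = admit(dev)
        return self.zone[dev.dev_id]

    def submit(self, dev_id: str, kind: str, payload: str) -> bool:
        """Accept an event only from a validated device and rank it for forwarding."""
        if self.zone.get(dev_id) != "iot-zone":
            return False                 # quarantined or never onboarded: dropped, never reaches IT
        heapq.heappush(self.queue, (PRIORITY.get(kind, 9), self.seq, dev_id, kind, payload))
        self.seq += 1
        return True

    def forward(self) -> list:
        """Hand queued events to the IT network: life-safety first, then arrival order."""
        out = []
        while self.queue:
            _, _, dev_id, kind, payload = heapq.heappop(self.queue)
            out.append((dev_id, kind, payload))
        return out
```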


Thank you


Backup

New Security Threats to Personal IOT Devices

Baby Monitor: Hacker takes over baby monitor and shouts obscenities at sleeping child. (ABC News, 13 Aug 2013)
Fridge sending out spam after web attack compromised gadgets. One of more than 100K devices used in spam campaign. (BBC News, Jan 2014)
Wearable Computing Equals New Security Risks (InformationWeek, 13 Jan 2013)
Medical Devices: 'We're starting to attach medical devices to electronic health records, and they're not secure.' (Healthcare IT News, May 2013)
Credit Card Information System: Target Confirms Point-of-Sale Malware Was Used in Attack (Security Week, 13 Jan 2014)

Glossary of Terms

1. Hacker Attacks: Indicates attacks that are not automated by programs such as viruses, worms, or Trojan horse programs. There are various forms that exploit weaknesses in security. Many of these may cause loss of service or system crashes.

2. IP spoofing - An attacker may fake their IP address so the receiver thinks it is sent from a location that it is not actually from. There are various forms and results to this attack. The attack may be directed to a specific computer addressed as though it is from that same computer. This may make the computer think that it is talking to itself. This may cause some operating systems such as Windows to crash or lock up. Gaining access through source routing: hackers may be able to break through other friendly but less secure networks and get access to your network using this method.

3. Session Hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session. This attack can be prevented if the two legitimate systems share a secret which is checked periodically during the session.

4. Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client. The attacker will run this utility while acting like the server while the user attempts to login. If the client is tricked into sending LANMAN authentication, the attacker can read their username and password from the network packets sent.

5. DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be real practical as an attack form. The attacker will send incorrect DNS information which can cause traffic to be diverted. The DNS information can be falsified since name servers do not verify the source of a DNS reply. When a DNS request is sent, an attacker can send a false DNS reply with additional bogus information which the requesting DNS server may cache. This attack can be used to divert users from a correct webserver such as a bank and capture information from customers when they attempt to logon.

Glossary of Terms

1. Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.

2. Viruses - This type of malicious code requires you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page. It reproduces itself by attaching to other executable files.

3. Worms - Worms propagate without your doing anything. They typically start by exploiting a software vulnerability (a flaw that allows the software's intended security policy to be violated). Then once the victim computer has been infected, the worm will attempt to find and infect other computers. Similar to viruses, worms can propagate via email, web sites, or network-based software. The automated self-propagation of worms distinguishes them from viruses. Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.

4. Trojan horses - A Trojan horse program is software that claims to do one thing while, in fact, doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending your confidential information to an intruder.

5. Spyware - This sneaky software rides its way onto computers when you download screensavers, games, music, and other applications. Spyware sends information about what you're doing on the Internet to a third party, usually to target you with pop-up ads. Browsers enable you to block pop-ups. You can also install anti-spyware to stop this threat to your privacy.

6. DoS - Denial of Service

7. Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.).
