According to multiple IT experts, we’ve only scratched the surface of the danger that Ripple20 represents to cybersecurity. This is important if you care about the Internet of Things (IoT), since researchers at JSOF have found 19 security vulnerabilities lurking in nearly every IoT product.
JSOF identified these zero-day vulnerabilities in a software library that’s broadly used in IoT devices. According to JSOF, these vulnerabilities impact “hundreds of millions of devices (or more).”
What are the risks, implications, and potential consequences of these vulnerabilities? The researchers noted that attackers can do serious damage because of Ripple20, including steal data right off of a printer, alter how an infusion pump behaves, or enable intruders to access a company network, to name a few.
Local Security Solutions
Companies are not without recourse to address these frightening security problems. Local security and software-defined perimeters (SDP) are two solutions — and they work best when combined; neither on its own may be able to fully prevent attackers.
For example, local security solutions are best at providing endpoint security for hybrid environments. They also excel at protecting data moving between and within clouds. SDP solutions bring other strengths to the table, including the ability to use application-level micro-tunnels to shield IoT devices from the general public, reducing the threat of lateral attacks. By setting strong limits on remote users, each user can only access the applications they need.
SDP Solution
SDP has other advantages as well, such as enabling IoT devices and gateways to communicate directly with each other. This occurs via secure network communications over, for example, the public internet by way of the User Datagram Protocol (UDP).
Randomly generated, non-standard UDP ports for on-demand micro-tunnel communications only need a single UDP message channel between IoT devices and gateways, helping to secure IoT devices. With no open ports, SDP essentially removes surfaces that might have been vulnerable to attack.
SDP software also allows companies to spread workloads across multiple clouds, securely connected by application-specific micro-tunnels. This shrinks risk should an outage occur so that organizations are free to move operations from one cloud to another.
SDP and Local Combined
SDP can provide even greater protection, though, when paired with a local security solution. If the IoT devices with Ripple20 vulnerabilities can be accessed over the LAN, then attacks are still a big risk.
You should think of SDP as a “transport layer,” if you will—one that can open the door to private paths for data—still keeping in mind that local security has the issue of being local. But when you combine these two solutions—local plus SDP—the result is a much stronger, virtually impenetrable defense that can stop Ripple20 vulnerabilities in their tracks.