Kaspersky Lab Comes Together with ITU-T to Strengthen IoT Security

Woburn, MA – February 14, 2018 – Today, Kaspersky Lab is announcing its contributions to the development of a new international standard on “Security capabilities supporting safety of the Internet of Things” (Recommendation ITU-T Y.4806), which was developed in January 2018. Kaspersky Lab ICS CERT experts collaborated with ITU’s Telecommunication Standardization Sector (ITU-T) to provide up-to-date specific recommendations for IoT framework security for this new standard.

As a member of ITU-T Study Group 20 “Internet of things (IoT) and smart cities and communities,” Kaspersky Lab was a key contributor to the development of Recommendation ITU-T Y.4806 “Security capabilities supporting safety of the Internet of things” in order to determine which security capabilities specified in Recommendation ITU-T Y.4401/Y.2068 “Functional framework and capabilities of the Internet of things” support safe execution of IoT. The new standard classifies security issues for IoT, examines possible threats for security systems, and clears out the safe execution of IoT cyber-physical systems supported by security capabilities.

In the wake of the recent TRITON attack targeting industrial control systems, it became obvious that attacks on cyber-physical systems can not only affect the information aspects, but also functional safety. The new Recommendation ITU-T Y.4806 is mostly applicable to protecting safety-critical Internet of things (IoT) systems, such as industrial automation, automotive systems, transportation, smart cities, and wearable and standalone medical devices.

“Our aim was not only to plant the flag on the idea of high probability of IoT security breach attacks, but also to determine the methodology for developing specific requirements,” said Andrey Doukhvalov, head of future technologies, Kaspersky Lab. “We believe that our contribution to ITU-T’s IoT security standard (Recommendation ITU-T Y.4806) will help organizations develop more efficient cybersecurity strategies to guard themselves from today’s modern cyberthreats.”

According to Kaspersky Lab ICS CERT experts, the most common cyber-physical system vulnerabilities include:

1. Insufficient protection of embedded web servers (web applications);
2. Self-made poorly implemented cryptography;
3. Built-in credentials, which are stored in firmware of programmable logic controller and allow remote hidden access with high privileges;
4. Execution of arbitrary code;
5. Escalation of privileges.

To counter the above vulnerabilities and other less frequent IoT security challenges, the recommendations developed by Kaspersky Lab ICS CERT experts describe how to proceed from the types of impact on the cyber-physical system to the analysis and modeling of threats, functional safety, and the development of recommendations on security measures – illustrating the described method with concrete examples. To avoid attacks such as TRITON, and as per Recommendation ITU-T Y.4806 which summarizes the data necessary to establish the requirements for industrial control systems to resist security threats that could affect safety, Kaspersky Lab experts strongly recommend to do the following:

• Implement reliable and attack-resistant communication infrastructure and monitoring mechanisms, as well as mutual authentication and authorization for management and control;
• Implement the audit of management and control procedures and attack detection mechanisms;
• Implement the mechanism to monitor the load on equipment and communication channels, including the detection of both unintentional overload and denial of service attacks.

The full method and list of advice for the protection of IoT critical infrastructures can be found in Recommendation ITU-T Y.4806.

To find out more about Kaspersky Lab’s Industrial Cybersecurity expertise, please visit https://ics-cert.kaspersky.com/

About ITU-T

The Study Groups of ITU’s Telecommunication Standardization Sector (ITU-T) assemble experts from around the world to develop international standards known as ITU-T Recommendations which act as defining elements in the global infrastructure of information and communication technologies (ICTs). ITU-T Study Group 20 (SG20) “Internet of things and smart cities & communities SC&C” is working to address the standardization requirements of Internet of Things (IoT) technologies, with a special focus on IoT applications in smart cities and communities. SG20 develops international standards to enable the coordinated development of IoT technologies, including machine-to-machine communications and ubiquitous sensor networks. A central part of this study is the standardization of end-to-end architectures for IoT, and mechanisms for the interoperability of IoT applications and datasets employed by various vertically oriented industry sectors.

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact:

Denise Berard

508.274.0704

Denise.Berard@kaspersky.com