Being On The Outside Sucks
An article today documented a new Christmas day attack that was different from the sensational ones earlier this year. This one, for me, is an evolution of a pattern we are seeing with hackers. In the October attack, hackers figured out response times by officials; in the Dyn attack, hackers proved that by getting away with almost all of their devices. In this latest attack, hackers figured out how to hide identifying information of their captured devices. Analysts literally have no idea what devices were used in this last attack.
Which just proves our point – you need to be on these devices in order to provide protection.
It needs to be understood that, at the scale of these attacks, a large portion (if not all) of these devices are sitting on some sort of “secure” network. Secured, that is, by one these approaches that have proven completely ineffective in the IoT world. These hackers simply bypass off-device protection, go directly to the device and wreak havoc.
Bear is fundamentally different and focuses on building a secure device from the ground up – identity, authentication, communications control – and then leveraging proven management best practices (Active Directory, policies) on these smart devices. With Bear, even if the device were infected, the malware simply would not be able to work as intended. More to the point, if Bear were on these devices ahead of time (and I am talking to you Mr. Manufacturer/System Integrator), the malware would never have a path to these IoT devices.
In this age of increasingly sophisticated cyber-attacks; glaringly obvious failures in the plethora of other products churning in failed, antiquated, approaches; we really need an innovative new paradigm – one where we finally recognize the power of these smart devices. An approach championed by the platform that is Bear.