边缘计算安全防护方案书
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
NXP's Portfolio for Addressing IoT Security
Agenda
• Threat Landscape and Legislation • IoT Security Strategies • NXP Products: Secure Edge • Product Functional Showcases
BotNet attacks for sale
1/’14
3/’15
10/’16
AT&T study on Botnet activity across its global network.
Spikes indicate recruitment of new bots into the network before a massive attack was launched
…thieves can use relay boxes to boost the fob's signal. This tricks the system into believing the fob is near the car…
“…say availability of relay equipment should be outlawed, and anyone found with it who is not a bona fide industry representative dealt with as if going equipped to steal."
• IoT devices with weak cybersecurity allow attackers entry into protected networks
5
These Attacks Are Not Incidents – It is Structural
Botnet activity rises as the IoT becomes a target – AT&T study
4
Consumer IoT Device Attack Trends
https://www.rsaconference.com/writable/presentations/file _upload/sem-m03d-profiting-from-hacked-iot-devicescoin-mining-ransomware-something-else.pdf
Casino
hack
Overview of high-rollers extracted via thermostat of a fish-aquarium in the lobby
Nest Hack
Security camera shut down by a simple click on a phone
Target Hack
Target declared that the total cost of the data breach had been $202M NBC news, May 24, 2017
3ቤተ መጻሕፍቲ ባይዱ
The vehicles can be stolen using "cheap electronic equipment" purchased online,
Screenshot of study into the cost of launching a DDOS attack – Actual Service offering available on the Web
SEPTEMBER 20, 2017 by Mamta Badkar in New York
Parcel delivery company FedEx said on Tuesday that a June cyber attack on its TNT Express unit cost the company $300m in the first quarter, … the NotPetya cyberattack, which originated from tax preparation software in Ukraine and resulted in the disruption of communications systems at TNT Express.
− Secure Elements and Microcontrollers − Edge Compute Application Processors − Device Cloud Management Software − Solutions
• Conclusions
1 1
Threat Landscape and Legislation
2
The Lack of Security in IoT is Now Tangible
Mirai botnet
Disruption of major Internet services
Jeep hack
Loss of control over vehicle via WiFi connection
• Profitability motivates the IoT attacker
• DDoS attacks are enabled by dark web store fronts
• As the value of devices and the data they handle increases, Ransomware or device lock out attacks will rise
manufacturers should basically not offer keyless technology which is counter to customer demand and feedback."
…owners of keyless cars should take extra security precautions, including storing their fobs in a "metal box or shielded pouch"
Agenda
• Threat Landscape and Legislation • IoT Security Strategies • NXP Products: Secure Edge • Product Functional Showcases
BotNet attacks for sale
1/’14
3/’15
10/’16
AT&T study on Botnet activity across its global network.
Spikes indicate recruitment of new bots into the network before a massive attack was launched
…thieves can use relay boxes to boost the fob's signal. This tricks the system into believing the fob is near the car…
“…say availability of relay equipment should be outlawed, and anyone found with it who is not a bona fide industry representative dealt with as if going equipped to steal."
• IoT devices with weak cybersecurity allow attackers entry into protected networks
5
These Attacks Are Not Incidents – It is Structural
Botnet activity rises as the IoT becomes a target – AT&T study
4
Consumer IoT Device Attack Trends
https://www.rsaconference.com/writable/presentations/file _upload/sem-m03d-profiting-from-hacked-iot-devicescoin-mining-ransomware-something-else.pdf
Casino
hack
Overview of high-rollers extracted via thermostat of a fish-aquarium in the lobby
Nest Hack
Security camera shut down by a simple click on a phone
Target Hack
Target declared that the total cost of the data breach had been $202M NBC news, May 24, 2017
3ቤተ መጻሕፍቲ ባይዱ
The vehicles can be stolen using "cheap electronic equipment" purchased online,
Screenshot of study into the cost of launching a DDOS attack – Actual Service offering available on the Web
SEPTEMBER 20, 2017 by Mamta Badkar in New York
Parcel delivery company FedEx said on Tuesday that a June cyber attack on its TNT Express unit cost the company $300m in the first quarter, … the NotPetya cyberattack, which originated from tax preparation software in Ukraine and resulted in the disruption of communications systems at TNT Express.
− Secure Elements and Microcontrollers − Edge Compute Application Processors − Device Cloud Management Software − Solutions
• Conclusions
1 1
Threat Landscape and Legislation
2
The Lack of Security in IoT is Now Tangible
Mirai botnet
Disruption of major Internet services
Jeep hack
Loss of control over vehicle via WiFi connection
• Profitability motivates the IoT attacker
• DDoS attacks are enabled by dark web store fronts
• As the value of devices and the data they handle increases, Ransomware or device lock out attacks will rise
manufacturers should basically not offer keyless technology which is counter to customer demand and feedback."
…owners of keyless cars should take extra security precautions, including storing their fobs in a "metal box or shielded pouch"