That moment when you look around your workplace and realize, YOU ARE THE SECURITY RISK!

I talked yesterday about the two huge risks that are sitting between you, your devices and your workplace. In particular, yesterday's discussion focused on the risk for businesses, as they have employees connected from home.

There is an easy way to solve the problem: don’t allow workers to connect from home. It reduces the attack surface and decreases the overall organizational risk. It isn’t a great employee retention idea, but it is a great security idea.

The other option is to help home users improve their security. The beauty of improving home network security is that you can also begin to move a little on the other issue, that of declining home bandwidth. Today, you need much larger download than upload speeds. The only issue there is the reality of what IoT brings: more uploads that are constant and consistent, and most likely a home router that doesn’t have a huge cache. The cache, or buffer, is used to manage the flow of information from your devices to the Internet and from Internet devices to your home. The larger the cache, the slower the connection you can have without lots of pauses.

What causes routers to need their cache? When there are lots of devices sending acknowledgements back to the Internet. IoT devices send information to the Internet constantly. It is the value and the curse of the device.

Here is where that router comes in, for both bandwidth and security. First, every device that is connected in your home sends a signal to another device (well, not every device, the smart ones do). So, from NEST smoke detectors to connected thermostats and other connected devices, there is a constant stream of information going out. Remember, that home router of yours has a very small cache. ISPs don’t go decking out maximum routers. They are looking for generic; generic is much easier for their helpdesk to support than the decked-out, tricked-out router is.

So, all those chattering devices are talking. I have a device called Pocket Ethernet. It is an old-fashioned device. Well, it is a cool new device, with an iPhone app, but it is old-fashioned in the sense that once upon a time we used applications called Network Sniffers. My network is configured differently on purpose, having 4 distinct network segments. The intent of that is two-fold, but the story that is told by device traffic is why the story is two-fold. First off, I have a connected weather station. I love my weather information. That connected weather station, however, generates traffic on my network. As does the home automation system I have. In fact, so do all the devices you have connected in your home. They connect and communicate. Google or Android-based devices connect back to Google for application data, information and updates to software. The same goes for Apple devices. Each one generates network traffic.

I ran the Pocket Ethernet tool for about five days. I noticed on bad days (I was working from home) I was generating about 15 megs of data uploads. My peak upload period was 54 megs. My low was 9. On a Friday night, that was not my peak, but with three different people watching Netflix, my uploads were running about 17 megs.

Why do you care? First off, because that is more than most cable modems support. Most people aren’t going to have this issue today. I am an outlier today. But in a year or two, I will be far beyond the numbers you see today. You, on the other hand, will probably be close to these numbers. That means if you have a 10-meg capped upload speed, your modem is going to be using its cache to maintain the uploads. Your network will fall over. When networks fall over, they are more vulnerable than when all things are working.

I wrote, many years ago, an article asking if the Internet could support 100% of the world’s traffic. My gut was then, no. Now, that network has improved, but frankly the number of connected devices has expanded much faster. So, my gut still says we need to improve the network.

Security is best served on networks that aren’t stretched. You see, a critical part of security is the ability of the device to send and receive security information. If the network is clogged, then the device sends multiple security requests. All the hacker needs is a saturated network, and spoofing the ACK response to a security request is done. You now have a hacked device. You don’t know it, but you do. So, you call your provider and say, increase my package for Internet. You increase your bandwidth, but the hacked devices are still hacked. So, your home is compromised. You are the Trojan Horse full of Greek soldiers every time you log into your work network.

.doc

IoT pundit…