Cloudflare Bolster Defences for Internet of Things

The world’s massive population of unsecured connected devices are vulnerable to hack attacks.

Cloudflare Bolster Defences for Internet of Things

The world’s massive population of unsecured connected devices are vulnerable to hack attacks.

The Internet of Things (IoT) has also been dubbed the Internet of Insecure Things OR Internet of Crappy Things.

IoT means that all things should be connected: baby monitors, cars, computers, couches, jewellery, refrigerators, coffee machines, TVs, microwaves, TV, tables, industrial machines etc.

But security and privacy remain critical issues facing the development of these IoT devices as concerns about hackers stealing our data and even threatening our lives intensify.

A hacker can manipulate a smart home to spy on a house.

To prevent the IoT devices being hacked and hijacked by hackers, security firm Cloudflare has put together a security solution to protect the devices from becoming part of the botnet in the first place.

The company, which protects websites and networks from digital attacks, has launched Cloudflare Orbit.

Orbit sits one layer before the device and provides a shield of security, so even if the device is running past its operating system’s expiration date, Cloudflare protects it from exploits. And while devices may be seldom patched, the Cloudflare security team is shipping code every day, adding new firewall rules to Cloudflare’s edge.

Think of it like changing IoT to I*oT — devices can still access the Internet, but only after passing through Cloudflare where malicious requests can be filtered.

For the last year, Cloudflare has been working with several IoT vendors to develop Orbit.

Already more than 120 million IoT devices are safer behind Cloudflare’s network.

Lockitron is one of the IoT companies using Cloudflare.  “Cloudflare provides an extra layer of security that allows us to keep our devices continually updated and ahead of any vulnerabilities,” says Paul Gerhardt, co-founder of Lockitron.

Instead of writing and shipping a patch, IoT companies can write logic on Cloudflare’s edge, and write their own firewall rules to run on Cloudflare, and it updates the Cloudflare Orbit layer immediately, for all of their devices, without their users ever being so much as nudged to install something.

Plus, with requests going through Cloudflare, Cloudflare can compress transmitted data and speed up traffic, meaning less time is spent waiting on open connections and more time left in the battery.

A common challenge we heard from IoT device manufacturers was how to authenticate devices and know which connecting clients have authorised company devices, and which were bots only pretending to be.

Cloudflare now offers Enterprise domains TLS Client Authentication, a TLS handshake where the client authenticates the server’s certificate (as with any TLS handshake) and the client has a certificate that the server authenticates.

With Client Authentication on Cloudflare, Cloudflare’s edge handles the load of the TLS handshakes, validating the device client certificates, and only sending the IoT infrastructure traffic from authorised devices.

“We are at the beginning of a new era in which a vast number of devices will be connecting to the Internet and security will play a critical role in the successful roll-out and adoption of IoT devices. Cloudflare’s Orbit adds another layer of defence that complements other security measures such as strong hardware-based device security and helps ensure a safer Internet of Things.” — Quinn Li, VP, and global head of Qualcomm Ventures, the investment arm of Qualcomm Incorporated, the leading supplier of components for IoT devices.



%d bloggers like this: