ThreatMetrix Announces Strategies to Combat Growing Threats to Critical Infrastructure and the Internet of Things
Posted October 14, 2014
In Conjunction with National Cyber Security Awareness Month, ThreatMetrix Outlines Security Measures to Properly Secure Web-Connected Devices and Critical Infrastructure
San Jose, CA – October 14, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced strategies to combat security risks for the Internet of Things (IoT) and critical infrastructure, continuing its commitment to this year’s National Cyber Security Awareness Month (NCSAM) theme, “Our Shared Responsibility,” as well as the third week’s theme of examining potential security implications associated with critical infrastructure and the IoT.
The theme of NCSAM’s third week is “Critical Infrastructure and the Internet of Things,” calling out the risks faced by devices and critical utilities as they increasingly connect to the Internet. As devices ranging from watches and heart monitors to refrigerators, as well as critical utilities such as water and power, continue to connect online, our everyday lives are placed at an increased risk to of being compromised by fraudsters.
In the past year alone, innovations in wearable technology and other fields have included a burst in Internet-connected devices. From cars that can send email reminders when they need service to health monitors that publish heart rate and glucose level to online tracking tools, the inter-connected world is growing and not slowing down, creating significant risks for consumers’ privacy and cyber security.
However, the users of these new technologies are not the only ones affected by the increasing connectivity of the world. Public infrastructure is all connected online, from power grids to water delivery systems, all controlled by networked devices. This is critical infrastructure, and it opens the door to individual cybercriminals or nation states to wage a new form of online warfare if proper security measures are not immediately set in place.
“The rapid growth of the Internet of Things creates a new wealth of information for cybercriminals to compromise, from our everyday appliances to critical operations, allowing them to steal personal information and cripple resources,” said Andreas Baumhof, chief technology officer at ThreatMetrix. “Apple will soon launch the Apple Watch, taking wearable tech from obscurity to the consumer forefront. It is becoming increasingly imperative that we ensure the information shared through these devices is secure as they will contain, collect, and track sensitive information about our personal physical lives, as well as elements tied directly to our financial being. In addition, point-of-sale system hacks have caused massive damage to major retailers over the past year, as we saw in the Target and Home Depot breaches, among others. Imagine what harm the mass distribution of health and critical infrastructure information can bring to the lives of millions.”
As the Internet of Things and online connectivity of our nation’s critical infrastructure shows no signs of slowing down, ThreatMetrix has outlined several security strategies to address some of the associated risks:
- Network Segmentation and Isolation – Network segmentation or “zoning” is a popular practice in Internet security. Through network segmentation the possibility of limiting the risk of a data breach to your entire network maximizes. It also can help businesses determine what information to keep on public or private networks.
- Account Authentication – Username and password authentication is the weakest point of entry for most businesses operating online, often making businesses an easy target for hackers. At this stage, it is irresponsible to protect any information stored online with passwords alone. The use of multiple authentication factors, such as context-based authentication and real-time fraud prevention can help reduce the risk of stolen user identities and fraudulent transactions without disrupting the user experience for authentic customers.
- Tracking – Tracking data enables businesses across industries to differentiate between authentic and fraudulent transactions and other activity. By identifying anomalies such as hiding behind proxies and virtual private networks or change in shipping address through a global network of shared intelligence, businesses can recognize patterns that represent known threats or never-before-seen patterns that show a potential threat.
- Secure Updates – It is important that Internet-connected devices are updated on a regular basis to stay one step ahead of cybercriminals as they become increasingly sophisticated.
For comprehensive cybersecurity strategies to be effective and protect Internet of Things devices as well as critical infrastructure, there needs to be collaboration and sharing of information at both the business and the government level, while protecting consumer privacy. The ThreatMetrix® Global Trust Intelligence Network anonymizes and encrypts data to enable businesses to identify threats and keep their business secure without providing any personally identifiable information.
In addition to the overall theme of “cybersecurity is a shared responsibility,” the U.S. Department of Homeland Security outlined weekly themes to commemorate National Cyber Security Awareness Month throughout October. The remaining upcoming themes include:
- Week Four – Cyber Security for Small and Medium-Sized Businesses and Entrepreneurs
- Week Five – Cyber Crime and Law Enforcement
ThreatMetrix will continue to support each week’s theme throughout the month. To commemorate National Cyber Security Awareness Month, ThreatMetrix has also signed on as a “Champion” with the National Cyber Security Alliance.
- Critical Infrastructure: 3 Critical Cybersecurity Fixes
- ThreatMetrix Predicts 2014 Cybercrime Will See Evolving Threats – Including Internet of Things and Risks to Critical Infrastructure
- How to Keep Cybercriminals from Hacking your Smartphone (and your Refrigerator and Thermostat)
- ThreatMetrix Cybercrime Prevention Summit 2014
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.