1 min read

Kaspersky Lab comes together with ITU-T to strengthen IoT security

A new international standard on “Security capabilities supporting safety of the Internet of Things” (Recommendation ITU-T Y.4806) officially came into play. Recommendation ITU-T Y.4806 was developed by Study Group 20 “Internet of things (IoT) and smart cities and communities” of ITU’s Telecommunication Standardization Sector (ITU-T). This new standard classifies security issues for IoT, examines possible threats for security systems, and clears out the safe execution of IoT cyber-physical systems supported by security capabilities. Kaspersky Lab, as a member of ITU-T Study Group 20, was one of the key contributors to the development of Recommendation ITU-T Y.4806.

Kaspersky Lab researchers have shown that non-computing connected devices incidents are among the top-3 incidents with the most severe financial impact, for both SMB and enterprise organizations, and are going to increase. In the wake of the recent TRITON attack targeting industrial control systems, it became obvious that attacks on cyber-physical systems can affect not only the information aspects, but also functional safety. Therefore, in response to today’s growing prevalence of IoT threats and elaboration on crucial industry standards, Kaspersky Lab ICS CERT experts actively contributed to the development of Recommendation ITU-T Y.4806 “Security capabilities supporting safety of the Internet of things” in order to determine which security capabilities specified in Recommendation ITU-T Y.4401/Y.2068 “Functional framework and capabilities of the Internet of things” support safe execution of IoT. The experts provided up-to-date specific recommendations for IoT framework security. Recommendation ITU-T Y.4806 is mostly applicable to safety-critical Internet of things (IoT) systems, such as industrial automation, automotive systems, transportation, smart cities, and wearable and standalone medical devices. Additionally, Recommendation ITU-T Y.4806 considers how the joint analysis of threats and security capabilities mentioned herein may be used to establish security requirements for the different applications of the Internet of things.

According to Kaspersky Lab ICS CERT experts, the most common cyber-physical system vulnerabilities include:

1.Insufficient protection of embedded web servers (web applications);

2.Self-made poorly implemented cryptography;

3.Built-in credentials, which are stored in firmware of programmable logic controller and allow remote hidden access with high privileges;

4.Execution of arbitrary code;

5.Escalation of privileges.