We are witnessing a technology race against cyber criminals to keep IoT systems and their users safe.The most vulnerable targets include smart cars, homes, production plants, cities and their infrastructure. New technologies, with the Internet of Things in the avantgarde, are exponentially increasing the number of the weak points and targets for cyber-attacks. Phishing and social engineering attacks targeting user credentials are equal to 80% of all cyber-threats. Passwords and credentials are also being used by users and devices in IoT networks.
Hijacking of the connected car by cybersecurity experts within one research project with use of stolen credentials clearly showed connected cars’ vulnerabilities. It demonstrated how such an event could be a danger to the car, the driver himself and also to city traffic and other people, if potentially used for a terrorist attack. Smart cars are also vulnerable to cloning and relay attacks that allow thieves to steal a car with the use of a laptop and a hardware that can be easily and legally purchased online.
Hackers can gain access to a smart building network through unsecured IoT devices such as light-bulb. It is again a problem of using credentials: users’ but also devices’.
Also, cities are introducing “smart systems” to better manage various operations that include surveillance, security and rescue services, traffic and public transportation management, lighting, energy and utility services. As the vast majority of the simple end-point devices are unable to run encryption algorithms or cybersecurity tools, they are left unsecured and may already be presenting a serious risk to IoT systems and consequently to entire cities and their populations.
ELIoT Pro is designed to provide a solution to above described threats as a complete, end-to-end solution addressing Cybercrime issues and satisfying Cybersecurity Compliance requirements for IoT networks.
ELIoT Pro’s Human-to-Machine authentication component eliminates the problem of stolen passwords or any other static credentials. Addressing Machine-to-Machine secure authentication and encrypted communication problem, ELIoT Pro’s Lightweight Encryption provides a solution removing the use of password or any type of static credentials also in Machine-to-Machine communication.
ELIoT Pro provides an equally high level of security to all types of IoT devices regardless of their memory/computational power limits.
ELIoT Pro also provides device and network performance monitoring and anomaly detection with use of a Rules Engine. This component is a data analytics element which is responsible for monitoring the performance of single devices as well as of the entire network, predictive maintenance, servicing scheduling, malfunction detection and alerts.
The objectives are:
• to create a universal cybersecurity system providing strong user authentication,
• protection of devices and an entire IoT network in the form of a password-free and credential-free authentication between connected devices,
• to provide Lightweight Encryption that can encrypt communication between all types of IoT devices regardless of their computational capabilities, size of memory or energy consumption,
• to provide security to users of the IoT devices and networks by a behavior and performance monitoring system that is able to detect devices’ and systems’ malfunctions and anomalies.