Fotolia
IoT security threat already exercising industry minds
If the Meltdown processor security flaw has shown that some threats have gone under the radar there are also some concerns that IoT could add to the problems unless addressed with extra network security
The focus for those responsible for earmarking research and development funds in the security world is to use some of the power of the cloud and machine learning to search more widely and quickly for threats.
The recent Meltdown processor security flaw has revealed that the problems go well beyond Windows vulnerabilities and exploiting websites and there are concerns that the growing number of IoT devices entering the market will widen the attack vectors even further.
John Gmuender, CTO and senior vp engineering at SonicWall, said that it had exposed the Meltdown issue thanks to some of the deep machine learning tools it had developed and was already looking to make investments in other areas to keep making life difficult for cyber criminals.
"The key thing about IoT is that it is not like a Windows or Mac and there is no anti virus. The processor is small and can't run it," he said.
The firm is looking at helping beef up network security to take the burden of protecting off the IoT devices.
"With IoT most people are just looking to do a secure channel between the IoT device or chip. But increasingly those SSL links are getting corrupted," said SonicWall CEO Bill Conner.
The firm found Meltdown using its Capture Cloud Real-Time Deep Memory Inspection (RTDMI) product and Gmuender said that the processor security flaw was going to be an issue that the channel would be helping customers deal with for quite some time to come.
"The processor firms will hurry to produce new chips that shouldn't be able to go after memory in the kernel," he added that it already had tools that would deal with the problem but in the long term customers might look to invest in fresh kit to ensure they got decent performance.
Conner said that once it started running its deep memory inspection product it found hundreds of new threats and the attackers had been able to sidestep some of the more traditional tools and get their malware installed under the radar.