Cybersecurity vendor CrowdStrike has announced the release of new extended detection and response (XDR) capabilities within its Falcon platform to secure extended internet of things (XIoT) assets including IoT, Industrial IoT, OT, and medical devices.
CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, rapid patch management, and interoperability across XIoT assets to help customers secure their organisation with the same platform across IoT, IT endpoints, cloud workloads, identities, and data, CrowdStrike said.
Securing diverse IoT resources remains a stark challenge for organisations and security teams, and threats to IoT assets expose enterprises to significant risks, attacks, and vulnerabilities.
IT/OT convergence driving IoT security challenges, risks
The mass convergence of IT and OT forces security teams to secure critical infrastructure systems. However, traditional IT security solutions don’t interoperate with XIoT assets, lack context for effective threat prevention and detection, and disrupt operations, CrowdStrike said in a press release.
CrowdStrike Falcon Insight for IoT collects and leverages asset-specific context to drive tailored XIoT threat prevention policy and high-fidelity detection, CrowdStrike claimed.
“With the acceleration of OT digital transformation, organisations are struggling to address security challenges including stopping sophisticated attacks and dealing with operational complexity in securing XIoT assets in industrial control systems (ICS) networks,” said Michael Sentonas, president of CrowdStrike.
CrowdStrike said Falcon Insight for IoT’s key features include:
- XIoT threat detection reduces risk and improves business continuity by identifying threats via asset-specific context such as device type, OS version, and protocols.
- Tailored, AI-based threat prevention stops threats at the source, with custom policy recommendations for XIoT assets that empower organisations to limit system burden and manage sensor updates.
- Response for hard-to-patch assets contains threats with integrated response actions, such as host/process containment and USB device control.
- A lightweight agent provides interoperability with mission-critical XIoT assets that is tested and validated by ICS vendors.
- Deep integrations with CrowdStrike Alliance and XIoT partners enhance protection, detection, and response.
IoT, ICS assets are vulnerable, attractive attack targets
Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) published seven advisories covering vulnerabilities in ICS and supervisory control and data acquisition (SCADA) software from multiple vendors. Some of the flaws were rated critical and two of them already have public exploits.
Meanwhile, a report from industrial cybersecurity firm Otorio recently highlighted the attack vectors industrial wireless IoT devices are susceptible to along with vulnerabilities the company’s researchers found in several such products.
“Industrial wireless IoT devices and their cloud-based management platforms are attractive targets to attackers looking for an initial foothold in industrial environments,” the researchers said in their report. “This is due to the minimal requirements for exploitation and potential impact.”