Kaspersky Lab teams with ITU-T to strengthen IoT security

Posted on Feb 22 2018 - 9:59am by Upgrade Staff

In January 2018, a new international standard on “Security capabilities supporting safety of the Internet of Things” officially came into play. The standard, referred to as Recommendation ITU-T Y.4806, was developed by Study Group 20 “Internet of things (IoT) and smart cities and communities” of ITU’s Telecommunication Standardization Sector (ITU-T).


This new standard classifies security issues for IoT, examines possible threats for security systems, and clears out the safe execution of IoT cyber-physical systems supported by security capabilities. Kaspersky Lab, as a member of ITU-T Study Group 20, was one of the key contributors to the development of Recommendation ITU-T Y.4806.

Kaspersky Lab researchers have shown that non-computing connected devices incidents are among the top-3 incidents with the most severe financial impact, for both SMB and enterprise organizations, and are going to increase. In the wake of the recent TRITON attack targeting industrial control systems, it became obvious that attacks on cyber-physical systems can affect not only the information aspects, but also functional safety.

In response to today’s prevalence of IoT threats and elaboration on crucial industry standards, Kaspersky Lab ICS CERT experts actively contributed to the development of Recommendation ITU-T Y.4806 to determine which security capabilities specified in the “Functional framework and capabilities of the Internet of things” (Recommendation ITU-T Y.4401/Y.2068) support the safe execution of IoT. The experts also provided up-to-date specific recommendations for IoT framework security.

Recommendation ITU-T Y.4806 is mostly applicable to safety-critical Internet of things (IoT) systems, such as industrial automation, automotive systems, transportation, smart cities, and wearable and standalone medical devices. This new international standard also considers how the joint analysis of threats and security capabilities mentioned herein may be used to establish security requirements for the different applications of the Internet of things.

READ:  Cylance recommended in NSS Labs’ First Next-generation Advanced Endpoint Protection test

“In the wake of the recent TRITON attack targeting industrial safety systems, it became obvious that attacks on cyberphysical systems can affect not only the information aspects, but also the functional safety. Our aim was not only to plant the flag on the idea of high probability of security breach attacks, but also to determine the methodology for developing specific requirements. We believe that our contribution to ITU-T’s IoT security standard (Recommendation ITU-T  Y. 4806) will help organizations develop more efficient cybersecurity strategies to fully face up to modern cyber threats,” added Andrey Doukhvalov, Head of Future Techs at Kaspersky Lab.

According to Kaspersky Lab ICS CERT experts, the most common cyber-physical system vulnerabilities include:

  1. Insufficient protection of embedded web servers (web applications)
  2. Self-made poorly implemented cryptography
  3. Built-in credentials, which are stored in firmware of programmable logic controller and allow remote hidden access with high privileges
  4. Execution of arbitrary code, and
  5. Escalation of privileges

To counter the above vulnerabilities and other less frequent IoT security challenges, recommendations developed by Kaspersky Lab ICS CERT experts describe how to proceed from consideration of the types of impact on the cyber-physical system to the analysis and modeling of threats to functional safety, and then to the development of recommendations on security measures, illustrating the described method with concrete examples.

To avoid attacks such as TRITON, and as per Recommendation ITU-T Y.4806, which summarizes the data necessary to establish the requirements for industrial control systems to resist security threats that could affect safety, Kaspersky Lab experts strongly recommend to do the following:,

  • to implement reliable and resistant-to-attacks communication infrastructure and monitoring mechanisms, as well as mutual authentication and authorization for management and control
  • to implement the audit of management and control procedures and attack detection mechanisms
  • to implement the mechanism to monitor the load on equipment and communication channels, including the detection of both unintentional overload and denial of service attacks.
READ:  Relationship break-ups put personal privacy at risk

Related Posts

Every business can benefit from the Internet of Th... By Grant Thornton Every business can benefit from the Internet of Things – just start small and choose wisely when deciding which operations you want...
PLDT launches managed security solutions for end-t... Telecoms and digital services provider PLDT, through its Information and Communications Technology (ICT) subsidiary ePLDT, expanded its suite of IT se...
Key security incidents that shaped threat landscap... Some of the revelations of the past year raised questions about the way the Internet is used nowadays and the type of risks faced by users, according ...
Trend Micro’s ‘What’s Your Story? Art Carava... Earlier this year, customers of a local bank received an email requiring them to update their bank records by clicking a link disguised as the bank’s ...
How OlympicDestroyer malware was designed to confu... Kaspersky Lab’s Global Research and Analysis Team published the results of its own research into attacks by the OlympicDestroyer malware, providing te...
How safe is your online behavior? Researchers say ... Selecting a password or deciding whether an email is a phishing email or not are among countless security decisions you make on a regular basis. Are y...
Sophos Mobile 8 launched to simplify endpoint mana... Sophos announced Sophos Mobile 8, the latest version of its Unified Endpoint Management (UEM) and mobile security solution. This new version lets syst...
Manage smarter, more autonomous networks with Inte... By Alan Zeichick Tech Editor, NetEvents With lots of inexpensive, abundant computation resources available, nearly anything becomes possible. For ...
What really haunts I.T. decision makers? Technology is changing at a scary pace. But, what really haunts information technology (I.T.) decision makers as they sit in front of their computer s...
Globe readies network for emerging IoT services wi... Globe Telecom is enabling its network to support emerging Internet of Things (IoT) services, making full use of all the 700-megahertz spectrum and oth...
About the Author

Leave A Response