Author: Christian Fredrikson, President & CEO, F-Secure
9 Dec 2015
It’s a kettle that’s connected to the internet and, because of a security flaw, it could leave your entire wireless network vulnerable to hackers. But, why is a kettle connected to the internet?
The simple answer is that some people want to be able to press a button on their phone and make sure the water for their afternoon tea will be ready as soon as they walk in the door. The more complex answer is that almost everything is becoming connected to the internet.
Connectivity is becoming the default setting in technology, as part of what many are calling the next industrial revolution – the internet of things (IoT). Everything is becoming ‘smart’ and, as F-Secure’s CRO Mikko Hypponen has been explaining around the globe: “Smart means exploitable.”
Since I joined F-Secure in 2012, our priority has become to make our cyber security not just as smart as the devices we protect, but smarter than the multiplicity of threats innate in this dawning age of mass connectivity, where the ability to get online is being prioritised over the need to be secure once you get there. As smartphones lead to smart homes, smart cities and smart grids, the potential for efficiency is dwarfed only by the potential vulnerabilities.
Making unpredictable threats predictable has increasingly become F-Secure’s core competency, as we protect hundreds of millions of PCs around the globe through white-labelled and branded solutions. Thanks to the F-Secure Security Cloud, F-Secure’s business and consumer users are protected from threats that F-Secure Labs has not even seen before. This technology is made possible by a constantly growing and evolving knowledge base of digital threats, fed by data from client systems and automated threat analysis services. New threats are constantly appearing in the wild. Any user with a Security Cloud-enabled product may be the first to encounter a new threat and provide our systems with scanning results, file metadata, malware behaviour data, and a sample of the file. All users will benefit from this data and receive protection faster and more accurately than with traditional security products. Essentially, Security Cloud-enabled products form a network where they cooperate and share threat data.
One of the core innovations in Security Cloud is the reputation lookup service that extends protection wherever you connect. By querying the reputation of computer networks, such as home routers and public wi-fi, and objects (like files or URLs), networks are examined for altered DNS settings and other security holes that expose users to attacks.
This kind of protection saves users’ computing power, storage space and bandwidth, making the entire process of malware detection faster. Because Security Cloud relies on a cloud-based reputation database, new detections are essentially instant. Data accumulated from millions of client nodes around the globe allows our Labs to build an accurate picture of the global threat situation that exists at this very second.
F-Secure Labs remains key to monitoring this massive amount of data, with respect for users’ inherent right to privacy, which has also become one of the main focuses for the company. Indeed, F-Secure has led the security industry in its commitment to detecting government software and maintaining privacy principles that stand above its competitors.
Now we’re in the business of protecting the privacy of millions of people around the world who have been waking up to the fact that their online activity is very interesting to advertisers, intelligence agencies, and hacktivists, along with criminals. F-Secure Freedome, launched in 2013, offers a virtual private network app that also blocks internet tracking and allows customers to transcend geo-locking restrictions. Security built to protect yesterday’s desktops and phones would never be good enough for tomorrow; we have to build security and privacy solutions that are as fast and as smart as a world where even your kettle is online.
Nation states are investing large sums and PhD-level brainpower into cyber-attacks. As a result, attacks are becoming more advanced at an increasing rate. Of course, typically, such attacks are not directed against normal consumers. However, it’s impossible to put the cyber genie into the bottle once an attack has been made public and, as such, these advanced techniques trickle down to common criminals. Defences needed by critical infrastructure operators today are going to be needed in a normal home tomorrow.
That’s where Sense comes in. Sense is a new kind of product that provides advanced defence as well as protection for your internet-connected devices with low system load and little need for manual administration. Threats are blocked by artificial intelligence based on their reputation and behaviour – they are sensed instead of scanned. While Sense analyses network traffic with a hardware device in your home and can prevent attacks from ever reaching your various devices, it is not only about networks. Protection that’s based only on analysing network traffic is prone to bypass techniques such as malware waiting for a week before performing any malicious actions.
As more and more traffic is encrypted with HTTPS or VPN technologies, a deeper analysis of traffic is not always possible on a network. Sense has a lightweight end-point agent that talks to the unit and complements the protection by providing visibility into events on the various devices at home. The Sense device and end-point software are just sensors – like the billions of sensors that will inform the IoT.
The actual analysis for Sense takes place in the F-Secure Security Cloud, with careful respect for privacy. In a typical case, client software only asks for the reputation corresponding to a trace of an object. Only if deeper analysis is needed could the metadata of an object, URL, file, or even the object itself be sent to an F-Secure server, where it will be analysed and then discarded after analysis.
And here’s the secret that makes Sense as radical as the revolution that internet-connected technology is supercharging: analysis in the cloud is performed by cutting-edge learning technologies. Malware experts at F-Secure Labs have turned from analysts into teachers. Human experts train our systems to tell malware apart from clean applications, and automation will then handle the actual analysis. This is not just a better way of doing malware analysis; it’s also a necessity, with around 350,000 unique samples a day to analyse and three billion queries to run, on average.
Real-time processing that anticipates threats that don’t exist yet. A mission to secure every connected device. A commitment to privacy that is the foundation of security. These are the principles that have helped F-Secure prepare for a future where the only option is to be smarter than the threats we will face.
And about that kettle – is it likely to be hacked today? No, unless hackers want to drive around until they find one, or happen to know a target who has a penchant for IoT-enabled tea. But, in the near future, a sky full of connected drones might make such attacks common. That’s why we want to make sure security and privacy are at the core of the future that’s being rapidly imagined into reality around us.