Reining in Your Attack Surface

BrandPost By Tempered Networks
Dec 05, 2017


It’s growing by leaps and bounds, and we can largely blame it on the IP addressing scheme. 

The attack surface of the modern enterprise is expanding at a rate that strains the ability of IT and security teams to keep track of it, let alone manage and secure it. Can you envision how many points of access your organization may need to defend? 

In a shockingly short period of time in 2017, HBO, Equifax, and the U.S. Securities and Exchange Commission landed in what FoxBusiness labeled the “cyber hack hall of shame.” Yahoo reported that a 2013 hack thought to have exposed 1 billion user accounts had in fact impacted all 3 billion accounts that existed at that time. And a reported hack of a global consulting and accounting firm is said to have compromised emails of multinational firms and government agencies.

More recently, a security researcher discovered that a flaw in the WPA2 security protocol that protects most modern Wi-Fi networks “can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos … Depending on the network configuration, it is also possible to inject and manipulate data.” 

The attack surface for most enterprises is growing by leaps and bounds, and to a large degree we can blame it on the IP addressing scheme that provides hackers with a veritable roadmap to wreak havoc. 

Turned inside out

As Enterprise Strategy Group points out, “IP addresses essentially changed the world—from communication to commerce—but they were designed only to identify location and enable reliable connectivity. They were not built to establish identity or deliver security. As a result, in this age of limitless hacking and cyber-attacks, IT organizations must turn themselves inside out with complex solutions—combinations of firewalls, VPNs, routing policies, ACLs, VLANs, etc.—to try to make ubiquitous networked devices secure.” 

Consider, then, the IP-connected devices of your typical worker. He or she may have a smartphone, a tablet, a laptop, a smart thermostat, a streaming media device (or two), a printer, a router, a wireless gateway, and more. Those devices may interact with other devices in the hands of the worker’s immediate family. Each device represents a potential enterprise attack vector. So with 1,000 workers, you may have 5,000 to 50,000 vectors. And that’s before you start counting enterprise desktops, servers, and printers. Then factor in cloud connections, DevOps resources, VoIP phones, and whatever else connects to your network.

That’s getting pretty scary. Then consider that by 2020, it’s projected there will be 24 billion IoT devices installed, each representing another attack vector. Oh, let’s not forget, every one of your partners has its own growing number of access vectors that can point your way. How can you possibly shrink that attack surface? It’s impossible, unless you can come up with a way to make your devices invisible to interlopers. 

Cloaking solution

“The good news is that a solution exists today in an industry protocol called host identity protocol (HIP),” writes Stu Bailey, CTO of Open Data Group and founder of Infoblox. “With HIP, an IP address can be cloaked or hidden with a unique, non-spoofable identity-based address. It’s like retinal scanning of your network devices. This means a device or an entire network becomes invisible by default—you can’t breach what you can’t see.” 

Tempered Networks uses HIP to provide products and services that comprise an encrypted Identity Defined Network fabric that protects every connected resource with a unique crypto identity, instead of a spoofable IP address, so enterprises can cloak any IP or serial-enabled endpoint, machine, or network—with no IP modifications.  

For more information, read this primer on HIP.