Max Emelianov, HostForWeb
The honeypot is one of the most tried-and-true tactics in both law enforcement and espionage. It also has a long history in cybersecurity – a history that’s being put to excellent use in defending the Internet of Things. Ladies and gentlemen, say hello to HoneyBot.
The Internet of Things represents one of the greatest cybersecurity challenges of our time. How exactly do we protect a digital network consisting of billions of connected devices – many of which were manufactured by organizations with little or no knowledge of security best practices? How do we prevent the creation of new botnets like Mirai; how do we prevent hackers from bringing down our infrastructure around our heads?
It’s not an easy question to answer. To understand why, one needs to understand a little about IoT’s security landscape. There are two core issues where IoT security is concerned – and one of them is staring at us in the mirror every morning.
First, it’s that IoT vendors are not software vendors. Most don’t have any real concept of what’s required to keep a connected device safe from unauthorized access. Moreover, security isn’t really a priority for them – they’re more concerned with time to market and tamping shiny new features onto their devices.
And that’s where we, the end users come in. We are, beyond any shadow of a doubt, a huge part of the problem. Because no matter how much we may claim it matters, no matter who much we may wax on about security, when given the choice between a more secure device and a more convenient one, most of us will overwhelmingly choose the latter.
Most business leaders know that you can’t really change something that’s ingrained into the behavior of their audience – at least not overnight. And most organizations know that in order to start holding vendors more accountable for their security flubs, we’ll need to push for regulatory reform. Again, that takes time.
But it may be time we don’t have.
Right now, as I write this, we’re left sitting on the fact that downright amateurish malware can create botnets like Mirai. If it’s possible for hobbyists to bring the Internet to its knees, then what could an experienced black hat do? That’s not a comforting thought, to say the least.
And it’s one that many of the security space’s most brilliant minds the world over have been dwelling on for several years now.
Meet HoneyBot, the IoT honeypot
Fortunately, they’ve started getting results. Researchers at Georgia Tech’s School of Computer and Electrical Engineering, for example, have uncovered one possible route to fixing IoT’s security woes. It’s called HoneyBot, and the software at its heart could have some incredible implications.
A tiny remote-controlled robot that looks a little like a mix between Johnny 5 from Short Circuit and the titular Wall-E, HoneyBot is designed to provide remote sensor data and movement information to anyone who connects to it. But it’s also got a neat little trap built into its software.
If a user – say, someone who shouldn’t have access to HoneyBot in the first place – tries to make it do something its owner doesn’t want it to do, HoneyBot pretends it’s following their command. While simulating a response, it sends alerts to its real-world owners. The bad actor thinks they’ve successfully compromised the robot, when in reality all they’ve done is alert a cybersecurity team to their presence.
It’s a solution that’s brilliant in its simplicity, and one that works surprisingly well. The team has, according to Network World, already completed preliminary tests that indicate the robot works. Users trying to virtually pilot it through a maze were unable to distinguish between simulated data and real data – several people who attempted to cheat the maze by taking ‘forbidden’ shortcuts thought they succeeded, while the robot simply sat idle.
Mind you, it’s not a perfect solution. Clever attackers have ways of recognizing that they’re being spoofed, and there are likely methods for circumventing HoneyBot’s protections.
“If the attacker is smart and is looking out for the potential of a honeypot, maybe they’d look at different sensors on the robot, like an accelerometer or speedometer, to verify the robot is doing what it had been instructed,” explains Professor Raheem Beyah, who spearheaded the bot’s creation. “That’s where we would be spoofing that information as well. The hacker would see from looking at the sensors that acceleration occurred from point A to point B.”
Still, it’s better than what we’ve got now, which is nothing. If we were to combine the core concept of HoneyBot’s software with better security regulation, greater accountability for IoT vendors, and more visibility into connected endpoints, we’ll be one step closer to solving the biggest cybersecurity roadblock our society has ever seen. We’ll be one step closer to a safer, better, and more secure connected world.
Max Emelianov started HostForWeb in 2001. In his role as HostForWeb’s CEO, he focuses on teamwork and providing the best support for his customers while delivering cutting-edge web hosting services.