Kaspersky IoT Secure Gateway 1000 is the company’s latest Cyber Immune product for organisations embracing digital transformation, helping them to accelerate business value from new streams of industrial data. The gateway connects IoT devices and controllers with business applications and cloud platforms. It then ensures the security of these interactions and the data transferring through them due to the secure KasperskyOS in the gateway’s core and its network attack protection capabilities. Customers operating smart city systems, including utilities, street lighting and road infrastructure, or in manufacturing or energy production and distribution projects, get a secure IoT system and visibility across all connected devices. The solution is being presented at GITEX Global in Dubai, UAE this week as a pilot project.
IoT is continuing to penetrate businesses: according to Gartner (https://gtnr.it/3EumzaT), 61% of organisations already show a high level of IoT maturity. According to Kaspersky telemetry, from January to September 2022, there were 67,000 infected IoT across the Middle East, Turkey and Africa. These devices were responsible for 11 million attacks. There was a spike in attacks coming from the region in the third quarter of 2022: from July to September the number of attacks increased sevenfold – by 659%.
Given the increase in the number of outgoing attacks, the spike could be explained by the deployment of new bulletproof hosts by cybercriminals to increase their botnet size. Presumably this has been done in Turkey, which has the region’s largest share of outgoing attacks.
Given the diversity of IoT devices and their related cybersecurity risks (https://zd.net/3MoHbTX), the need for their protection is clear, especially when it comes to smart cities or critical infrastructure. Traditional measures are not sufficient for IoT protection, making it crucial that specialised security solutions are implemented.
A reliable shield from network attacks and gateway threats
The new Kaspersky IoT Secure Gateway 1000 is a hardware appliance with firmware based on KasperskyOS and Advantech UTX-3117 device. It ensures the security of the entire IoT system at the gateway level thanks to its secure-by-design approach and built-in protection capabilities.
It provides industry with protection from network attacks, as well as DDoS or Man-in-the-Middle attempts, through a firewall that uses the principle of Default Deny. This only allows preapproved network interactions to pass through the gateway. Additionally, the Intrusion Detection and Prevention module (IDS/IPS) detects and blocks malicious activities.
The Cyber Immunity approach embodied in the firmware ensures that most threats cannot affect the security status of a device or the whole IoT system of the enterprise
The gateway is made immune to most attacks by KasperskyOS, which sits at its core. The operating system features a microkernel which minimises the risk of vulnerabilities and decreases the attack surface through just a few thousand lines of code. The minimal number of trusted components in the operating system, security domain isolation, scanning of inter-process communications and the Multiple Independent Levels of Security (MILS) architecture ensure that most types of attacks are not able to affect the gateway’s functions. Its security goals were defined at its inception, making Kaspersky IoT Secure Gateway 1000 secure-by-design.
Furthermore, secure boot and update technologies ensure the authenticity and integrity of the gateway’s firmware and updates. The secure boot blocks firmware from loading if it is damaged or altered without authorisation. Secure update guarantees that only correct updates from trusted sources will be uploaded to the device.
A convenient tool for IoT device visibility and security management
Kaspersky IoT Secure Gateway 1000 helps network administrators maintain visibility and control over the network. It shows all devices connected to the network and detects and classifies new ones within a minute of connecting. The interface provides IT or OT teams with necessary details about devices, including type, vendor and operating system.
This product is managed through Kaspersky Security Center, where all security events can be viewed. The gateway supports Syslog and MQTT protocols, which permit all security events to be transmitted to external systems, such as SIEM or cloud platforms like Microsoft Azure, Siemens MindSphere, AWS, IBM Bluemix and others. Kaspersky Security Center also facilitates unified administration of Kaspersky enterprise products, such as those for endpoint and cloud protection. Customers can completely protect their IoT suite, from the gateway to the cloud, and manage it through one centralised administration console.
“With this new gateway, Kaspersky expands its portfolio for IoT infrastructure protection. In 2021, we launched Kaspersky IoT Secure Gateway 100, dedicated to Industrial IoT and safe data delivery from manufacturing to business applications. The next generation of gateways delivers more IoT security and management functions important for industries and operations with increased security requirements, such as smart cities, transportation networks, video surveillance and critical infrastructure. The Cyber Immunity approach embodied in the firmware ensures that most threats cannot affect the security status of a device or the whole IoT system of the enterprise,” comments Andrey Suvorov, Head of KasperskyOS Business Unit at Kaspersky.
Kaspersky IoT Secure Gateway 1000 will be available in Middle East as a pilot project. The Kaspersky team will consider the possibility of enabling test implementations with interested customers on a case-by-case basis. To submit a request, please contact the Kaspersky team by email (start@aprotech.ru).
Distributed by APO Group on behalf of Kaspersky.