Perhaps nothing reflects the state of cybersecurity in the connected universe better than the recent phenomenon of vigilantes bricking vulnerable devices to prevent them from falling victim to other hackers. According to Cloudflare Inc., the situation calls for a major overhaul of breach prevention strategies.
The provider hopes to usher in this change with a newly unveiled service called Orbit intended to help manufacturers make their hardware more secure. It aims to accomplish this by reducing the reliance on patches for combating vulnerabilities. Device makers often don’t have the resources to release a security fix in a timely manner and, even when they do, many users don’t bother installing the update.
Orbit puts up several obstacles at the network level that make it difficult for hackers to exploit vulnerable hardware. According to Cloudflare, the first layer of defense is a firewall designed to block exploitation attempts and distributed denial of service attacks that seek to overwhelm endpoints with junk traffic. This includes campaigns orchestrated by botnets that exploit other connected devices.
Cloudflare product manager Dani Grant wrote in a blog post today that Orbit enables companies to tailor the firewall’s behaviors for their needs. A firm that sells sensors could block all inbound traffic outside of requests made by its own servers, while a car maker might add partner-developed mapping services to the whitelist as well.
The firewall is complemented by a set of authentication features that lets manufacturers establish a secure connection between end-points in their field and their backend infrastructure. It’s aimed not only at protecting consumers but also preventing botnets from disguising themselves as legitimate device and accessing a hardware maker’s servers. To help deal with particularly severe threats, Orbit gives companies the option of blocking infected units.
These security features are delivered through Cloudflare’s content delivery network alongside all the main usability-boosting capabilities that it provides for websites. As the company specifies in the product page for Orbit, updates are distributed to each device from the nearest available data center while the data is compressed to speed up downloads.
Cloudflare claims that 25 companies are using the service on launch. If the provider signs up enough manufacturers, it could turn the many billions of devices that need protecting in the connected universe into a significant source of revenue. So much so, in fact, that rival Akamai Technologies Inc. may be tempted to join the fray too as part of its ongoing efforts to create new income streams.