For more than a decade, internet-of-things devices have grappled with security issues and unresolved vulnerabilities. These challenges have led to the proliferation of botnets, enabled government surveillance, and exposed institutional networks and individual users globally. However, the journey toward enhanced security has been sluggish, with manufacturers often slow to improve their practices and invest in robust defenses.
At the Black Hat security conference in Las Vegas, researchers from Panasonic unveiled their IoT defense strategy, developed over five years. This approach involves leveraging data from attacks on the company’s products to bolster cybersecurity. Using Panasonic’s home appliances and other internet-connected electronics as bait, the researchers created honeypots designed to attract real-world attackers, thus enabling the analysis of their exploit attempts and malware strains.
This innovative technique allows Panasonic to identify and scrutinize current threats. Their commitment to IoT threat intelligence sets them apart as a legacy manufacturer willing to contribute to the broader industry by sharing insights and fostering collaboration. The goal is to promote a collective effort in comprehending and countering the latest threats affecting a wide range of products.
“Attack cycles are becoming faster. And now the malware is becoming all the more complicated and complex,” says Yuki Osawa, chief engineer at Panasonic, who spoke with WIRED ahead of the conference through an interpreter. “Traditionally, IoT malware is rather simple. What we fear most is that some kind of cutting-edge, most-advanced type of malware will also target IoT. So there is importance to protect [against] malware even after the product is shipped.”
Panasonic has named its endeavor to monitor threats and devise protective strategies “Astira,” combining the terms “asura” and “threat intelligence,” inspired by Buddhist demigods. The insights derived from Astira contribute to developing the IoT security solution called Threat Resilience and Immunity Module, abbreviated as Threim. Threim’s primary function is to identify and thwart malware on Panasonic devices. In an assessment involving Panasonic products utilizing ARM processors, Osawa reports an approximate malware detection rate of 86 percent, derived from the analysis of 1,800 malware samples collected through the ASTIRA honeypots.
“We use the technology to immunize our IoT devices just like protecting humans from the Covid-19 infection,” Osawa says. “These anti-malware functions are built-in, no installation required, and are very lightweight. It doesn’t affect the capability of the device itself.”