Internet security services provider Cloudflare has announced the launch of Orbit, a product which aims to solve the problems of Internet of Things (IoT) security by filtering traffic through the San Francisco-based vendor first.
The company argues a new model for security is needed with ever-increasing numbers of connected devices. “PC security does not work for IoT,” the company notes in a blog post. “Consumers do not share that similar understanding that they need to update their toasters, lightbulbs and cars, because they’ve never needed to in the past.
“And since we will never write perfect code, we need a better way of securing devices without waiting for users to do it for us.”
Hence Orbit. Cloudflare explains – in something of a Captain Hindsight move – that if Chrysler had used the company’s firewall, it could have simply patched the bug which made Jeeps vulnerable in 2015, rather than recall 1.4 million vehicles. “Orbit sits one layer before the device and provides a shield of security, so even if the device is running past its operating system’s expiration date, Cloudflare protects it from exploits,” the company explains. “And while devices may be seldom patched, the Cloudflare security team is shipping code every day, adding new firewall rules to Cloudflare’s edge.
“Think of it like changing IoT to I*oT – devices can still access the Internet, but only after passing through Cloudflare where malicious requests can be filtered.”
“IoT devices create a distinct security challenge both because of the inability of most end users to update their software, as well as the cost that manufacturers bear if they release an update that bricks devices. This is even worse for legacy devices, many of which are effectively unpatchable,” said Michael Freedman, CTO of Timescale and professor of computer science at Princeton University.
“Cloudflare’s Orbit provides a unique approach to help with these challenges, by deploying a defensive layer in the network where security updates can be safely made without end-user intervention or on-device changes.”
The launch is something of an interesting move. As other outlets have pointed out, while Cloudflare’s reputation when it comes to suppressing DDoS attacks and deflecting malicious traffic is good, putting itself out there as a one-stop shop for IoT devices would theoretically make it a major target for hackers.
You can read the full announcement here.