Flash-to-Cloud Ironclad Defense for IoT and Connected Devices
Security has become a vicious cycle, an arms race. Attackers continuously develop new tools to exploit vulnerabilities, and defenders respond to each new attempt by patching known vulnerabilities, applying network defenses and more. In this arms race, attackers seek persistence in order to prevail, e.g. surviving a device reset, so that they can execute zero-day attacks, ransomware demands, etc.
NanoLock introduces a new approach for tackling persistent attacks: an embedded gatekeeper that allows persistent changes to critical code only if they are authenticated and signed by an external authorized server. The patented solution prevents manipulation and erasure of critical code by establishing a root-of-trust in the device’s Flash memory (Non-Volatile Memory) and moving control from a vulnerable remote device to a trusted entity in the customer’s cloud or data center. Every attempt to make a persistent change to the device’s critical code in the Flash, such as calibration, configuration and applications, is verified by the root-of-trust, which acts as a gatekeeper. Only update requests that were authenticated by an external server are approved. Unauthorized change attempts are rejected and raise an alert, blocking cyber-attacks by insiders, outsiders and even supply chain attackers.
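The gatekeeper flow described above, modelled as an added illustration in Python; it is not NanoLock's code or design. Assumptions: HMAC-SHA256 with a provisioned shared key stands in for the server's signature, and the class, region layout and counter-based replay check are hypothetical.

```python
import hashlib
import hmac
import struct


def authorize(key, addr, data, counter):
    """Server side (assumed): tag binds target address, counter and payload."""
    msg = struct.pack(">IQ", addr, counter) + data
    return hmac.new(key, msg, hashlib.sha256).digest()


class FlashGatekeeper:
    """Toy model: writes touching protected flash need a server-issued tag."""

    def __init__(self, size, protected, key):
        self.flash = bytearray(b"\xff" * size)
        self.protected = protected  # list of (start, end) half-open ranges
        self._key = key             # secret provisioned on the device (assumed)
        self.counter = 0            # last accepted request counter (anti-replay)
        self.alerts = []            # (address, reason) for every rejected attempt

    def _is_protected(self, addr, length):
        return any(addr < end and addr + length > start
                   for start, end in self.protected)

    def _reject(self, addr, reason):
        self.alerts.append((addr, reason))
        return False

    def write(self, addr, data, counter=None, tag=None):
        if addr < 0 or addr + len(data) > len(self.flash):
            return self._reject(addr, "out of range")
        if self._is_protected(addr, len(data)):
            if counter is None or tag is None:
                return self._reject(addr, "unauthenticated write")
            if counter <= self.counter:
                return self._reject(addr, "stale or replayed counter")
            expected = authorize(self._key, addr, data, counter)
            if not hmac.compare_digest(tag, expected):
                return self._reject(addr, "bad tag")
            self.counter = counter  # advance only after the tag verifies
        self.flash[addr:addr + len(data)] = data
        return True
```

Unprotected regions stay writable by local code, while any write overlapping a protected range is rejected and logged unless it carries a fresh, valid tag.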
NanoLock’s protection is a perfect fit for any connected device:
- Lightweight passive protection, regardless of attack type
- Processor and operating system agnostic
- Minimal energy requirements
- No performance hit
- Works with legacy and new devices
NanoLock’s root-of-trust is available either as embedded software for already operational devices or rooted in the silicon of leading Flash memory providers for new devices.