If You Connect It, Protect It
October 1, 2020
It’s Cybersecurity Awareness Month. Here are some areas to focus on when considering IoT security, so you can keep bad actors out of your devices.
Internet of Things (IoT) devices – in the simplest terms, physical objects designed to connect and share information with other devices via the internet – are rapidly gaining popularity. In fact, there were nearly 26.66 billion active IoT devices in 2019, up from 7 billion in 2018. That’s almost four times as many in just one year!
Unfortunately, IoT security isn’t booming to the same degree. Research by Palo Alto Networks found that 98% of IoT traffic is unencrypted, while some 57% of IoT devices are vulnerable to medium- or high-severity attacks. There is hope, though. As security decisions begin to consolidate under CISOs in many organizations, IoT security awareness is growing.
Here are five of the top methods attackers use to exploit the weaknesses of IoT devices:
- Exploiting target device vulnerabilities. Attackers frequently exploit the unique vulnerabilities of particular IoT devices to gain entry to a network. Once they’re in, they can leapfrog to other systems and seek out higher-value targets.
- Password attacks. Many IoT devices come with default, manufacturer-set passwords. Many organizations never change these passwords, leaving them exposed. Additionally, misalignment between departments can lead to some devices receiving less advanced passwords, leaving a gap for attackers to exploit.
- Unclosed backdoors. Some devices remain vulnerable from prior malware infections. A prime example is the WannaCry ransomware attack. Devices previously targeted by the DoublePulsar malware had backdoors that attackers exploited to spread the ransomware. Unpatchable devices, such as those running on the deprecated Windows 7, leave many such backdoors wide open for attackers.
- Unsegmented networks. Malware can spread quickly on networks with a variety of device types. Once again, WannaCry ransomware devastated healthcare organizations where a mix of devices, such as PCs, scanners and medical imaging devices, coexist on the same network. Attackers only need one entry point into the network – for example, an unpatchable MRI machine running Windows 7 – to compromise every device.
- Botnet attacks. Some malware variants, such as Mirai, turn networked devices into remotely controlled bots that can be used to carry out large-scale attacks as a botnet. Frequent targets are consumer devices running on Linux, such as IP cameras and home routers.
With a comprehensive security strategy that encompasses the entire IoT lifecycle and all IoT devices, it’s possible to defend against all of these tactics. We recommend:
- Discovery of all IoT devices on your network.
- Patching all easily patchable devices such as printers.
- Using VLANs to segment IoT devices, using micro-segmentation where possible.
- Introducing around-the-clock monitoring.
- Creating a vulnerability management process which includes:
  - Asset discovery
  - Identification of asset vulnerabilities
  - Threat intelligence to prioritize vulnerabilities
  - Patching, configuration management and isolation as remediation methods
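
The vulnerability management steps above can be sketched as a small triage routine. This is an added example, not code from the article or the report; the device names, field names and scoring weights are constructed assumptions.

```python
from dataclasses import dataclass

SEVERITY = {"low": 1, "medium": 2, "high": 3}

@dataclass
class Finding:
    device: str              # asset discovery: inventory name (constructed)
    issue: str               # "default_password" or "missing_patch"
    severity: str            # severity of the identified vulnerability
    patchable: bool          # False for end-of-life systems
    exploited_in_wild: bool  # threat-intelligence flag
    segmented: bool          # already on a dedicated IoT VLAN

def score(f: Finding) -> int:
    """Assumed weighting: severity first, then active exploitation, then exposure."""
    return (SEVERITY[f.severity] * 2
            + (3 if f.exploited_in_wild else 0)
            + (0 if f.segmented else 1))

def remediation(f: Finding) -> str:
    """Pick one of the three remediation methods the article lists."""
    if f.issue == "default_password":
        return "configuration management"
    if f.patchable:
        return "patching"
    return "isolation"  # unpatchable device: contain it on its own segment

def triage(findings):
    """Return (device, score, remediation) tuples, highest priority first."""
    rows = [(f.device, score(f), remediation(f)) for f in findings]
    return sorted(rows, key=lambda r: r[1], reverse=True)

# Constructed sample inventory, not data from the article.
FINDINGS = [
    Finding("printer-2f", "missing_patch", "medium", True, False, False),
    Finding("mri-console-win7", "missing_patch", "high", False, True, False),
    Finding("ip-camera-lobby", "default_password", "high", True, True, True),
    Finding("badge-reader-1", "missing_patch", "low", True, False, True),
]

if __name__ == "__main__":
    for device, prio, action in triage(FINDINGS):
        print(f"{prio:>2}  {device:<18} {action}")
```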
Download the full report here for more insights.