Your ‘Forgotten Things’ Are Making You Vulnerable to Cyber Threats

November 22, 2022

A backup cell phone. Seldom-used laptops or tablets. Unattended smart medical equipment. An old, active enterprise server. What do all these devices have in common? We’ve all got them, and while they are often forgotten, their internet connectivity lives on. This leaves you vulnerable to cyber threats from the exact devices threat actors count on you forgetting.

Whether it’s consumer devices or those used by corporations and government entities, chances are something is connected to the outside digital world, potentially leaving open a pathway to sensitive information, operational technology and critical infrastructure.

 

Unfortunately, our enterprise, government and critical infrastructure environments have way too many unlabeled boxes full of stray, sometimes essential, devices connected to organizational networks. Whether we don’t know they’re there or we’re not sure of their purpose, these devices are the “Internet of Forgotten Things” (IoFT).

These devices are everywhere. While some are less impactful, others are as crucial as heart pumps in hospitals and safety mechanisms for water treatment plants.

The Risk of Forgotten Things

The severity of the risk to an organization depends on the health and maturity of its network security. A robust, heavily monitored network will of course have less risk, but it’s not uncommon for some devices to remain unaccounted for. IT teams need the ability to find unknown or unapproved devices and either request and receive access justification or confidently knock them off the network. Security tools and services exist that passively sniff environments for these devices.

A highly robust and monitored network will usually have fewer items unknowingly connected to the internet. It’s not uncommon to find gaming systems and smart TVs where they shouldn’t be. The less aware an IT organization is of its users’ actions, the more common the problems are.

Often the unaccounted-for devices are relatively inconsequential. But some can lead to significant security issues.

For example, what happens when an organization undertakes a massive cloud migration, as many have done over the past couple of years? Or when a company wants to deploy an organization-wide software upgrade? Or if an organization is facing a true, real-time threat to its systems? Can the IT/IS teams confidently shut off access to network segments? What if some of these unknown connected devices aren’t throwaway items at all, but instead include I.V. drips in patients’ rooms or release valves in nuclear power plants?

How to Prevent Forgotten Devices

Thorough and proactive IoT asset inventory is vital. Every device that is in, out and connected needs to be logged and treated like a corporate-issued PC. Devices need to be tagged, tracked and monitored to ensure appropriate connectivity in accurate locations at all times.

But what about those forgotten devices from others that are still secretly connected to your network? It’s a good idea to do an occasional walkthrough of your security environment and look for unknown or unapproved devices. Having the ability to boot them from the network is a key capability.
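One way to automate part of that walkthrough is to reconcile the asset inventory against what is passively observed on the network. The following is an added example, not Optiv's code or tooling; the `reconcile` function, inventory fields, segment names and MAC addresses are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample inventory, keyed by lowercase MAC address.
INVENTORY = {
    "00:11:22:33:44:01": {"name": "infusion-pump-3", "segment": "clinical", "status": "active"},
    "00:11:22:33:44:02": {"name": "old-file-server", "segment": "servers", "status": "retired"},
    "00:11:22:33:44:03": {"name": "hmi-panel-1", "segment": "ot", "status": "active"},
    "00:11:22:33:44:04": {"name": "spare-laptop", "segment": "office", "status": "active"},
}

# Constructed passive observations: (MAC, segment where seen, last seen).
OBSERVED = [
    ("00:11:22:33:44:01", "clinical", "2022-11-21T09:00:00"),
    ("00:11:22:33:44:02", "servers", "2022-11-21T09:05:00"),
    ("00:11:22:33:44:03", "office", "2022-11-21T09:10:00"),
    ("AA:BB:CC:DD:EE:FF", "office", "2022-11-21T09:15:00"),
]

def reconcile(inventory, observed, now, stale_after=timedelta(days=30)):
    """Return sorted (mac, finding) pairs for devices that need follow-up."""
    findings, last_seen = {}, {}
    for mac, segment, ts in observed:
        mac = mac.lower()  # sensors and inventories rarely agree on case
        seen = datetime.fromisoformat(ts)
        last_seen[mac] = max(seen, last_seen.get(mac, seen))
        asset = inventory.get(mac)
        if asset is None:
            findings[mac] = "unknown"                # on the wire, not in inventory
        elif asset["status"] != "active":
            findings[mac] = "retired-but-connected"  # forgotten, still online
        elif asset["segment"] != segment:
            findings[mac] = "wrong-segment"          # tracked, but not where expected
    for mac, asset in inventory.items():
        seen = last_seen.get(mac)
        if asset["status"] == "active" and (seen is None or now - seen > stale_after):
            findings.setdefault(mac, "not-seen")     # inventory may be out of date
    return sorted(findings.items())

if __name__ == "__main__":
    for mac, finding in reconcile(INVENTORY, OBSERVED, datetime(2022, 11, 22)):
        print(mac, finding)
```

MAC addresses can be randomized or spoofed, so a finding here is a lead for the walkthrough, not proof of what a device is.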

 

In this ever-evolving digital world, we are surrounded by smart devices, opening a gateway of forgotten and overlooked interconnectivity. Remember, if it’s connected, you may not be protected.

Sean Tufts
Practice Director, Product Security - ICS & IoT | Optiv
Sean Tufts is the Practice Director for the OT/IoT business at Optiv. He's a former NFL Linebacker turned Critical Infrastructure security leader. Post NFL, he worked for utility operators and O&G hardware suppliers. Prior to his current leadership position at Optiv, Sean was on the Digital transformation team for General Electric focusing on security services for the O&G market. In 2012 he was honored by Forbes as a "30 Under 30" recipient. Sean has a bachelor’s degree and MBA from the University of Colorado, Boulder.
