What constitutes a weak link? And what can be done to mitigate growing threats via IoT?
IoT technology everywhere. No this is not a vision statement, but a reflection of our reality. From wearables to smart home systems and routers… Devices with sensors that collect data in real time are rapidly expanding. To many they are a blessing, designed to make daily lives easier and improve organizations’ efficiency. Some devices, such as smart medical equipment and alarm systems, can even help save lives. But to IT security teams, they are, at best a source of angst and at worst, a security nightmare.
The perils of an expanding attack surface is also available in the following on-demand webinar
Meanwhile let’s take a look at the dark side of IoT that nobody wants to discuss:
Whether we like it or not, the transition to an ever-expanding connected wonderland, comes at a price. Technology companies churning out new connected devices at a menacing pace often overlook the security threats.
In the rush to embrace clever routers, smart alarms, security cameras or even moisture controllers, organizations have been ignoring the potential cybersecurity pitfalls of poorly secured connected devices. Inevitably hackers pick up on these opportunities to extract intellectual property or other sensitive data.
So how do hackers infiltrate organizations through IoT connected devices? How can a weakened link in the IoT chain lead to compromised digital assets? And what can be done to prevent the next attack beginning from an IoT hitch?
You are the weakest link. Goodbye!
Hackers attempts to exploit IoT devices, to get a foothold into an organization, are made possible due to these core weaknesses:
- One insecure device, at the right moment, is all it takes to create an attack vector in IT and OT networks
- Low-cost IoT designs are often built with security flaws in the first place
- Intended back doors are sometimes built into IoT devices
- IT teams may lack visibility into the number and type of devices creating inventory gaps and security posture risk
How a router, camera or innocent aquarium thermometer can be a gateway to disaster
The increase in use of connected devices in countless applications such as; asset tracking, equipment monitoring and managing environmental conditions, have vastly contributed to an expanded attack surface. Sitting within networks, IoT devices are almost the perfect target for cyber thieves and here’s why:
- They have their own IP address
- They make it possible to communicate with other connected network devices and systems
- Organizational and customer traffic often need to traverse these devices
A malicious attacker, that successfully gained entry into an internal routing and switching infrastructure, can monitor, modify, and even deny traffic between key hosts inside a network. Worse still, the attacker masquerading as a legitimate user, can leverage trust relationships to conduct lateral movement to critical assets and go under the radar.
Even an innocent thermometer sitting in a fish tank, as in the casino earlier this year, can be hooked into a hacker’s net and serve as a stepping stone to a critical database. If the manufacturer and / or the organization that purchased the goods ignored security measures, then the likelihood of a hacker’s attack is just a matter of time.
One of the worst IoT related disasters, would have to be the Mirai attack. On October 2016, it paralyzed most of the US east coast Internet. The unbearable ease in which the attack unfolded, highlights IoTs’ role in causing chaos on a national scale. Mirai took advantage of insecure IoT devices by simply scanning for big blocks of Telnet ports over the Internet. It then logged in with frequently used passwords for the devices, that apparently never changed. In this way, it could amass an army of compromised closed-circuit TV cameras and routers, ready to do its bidding. Incidentally, the hackers merely aimed to make a little money off Minecraft aficionados.
How to protect IoT devices from exploitation
In the cyber community there is a running joke; “The ‘S’ in IoT stands for security…”
Jokes aside, here are some steps to protect smart devices recommended by our research team:
- Renew the default passwords of your connected devices: Change your credentials if it still uses default ones
- Disable the universal Plug-&-Play which is the default in every IoT device, creating a security gap in your router that lets malware infiltrate any part of your network
- Disable Remote Management through Telnet: Log into the router’s settings, disable the remote management protocol
- Check for Software Updates and Patches; always keep your connected devices / routers up-to-date with the latest firmware
To view the on-demand webinar: