The Ever-Growing Attack Surface of IoT: Your Questions Answered
The impact of the Internet of Things is already making itself felt in our homes and in our everyday lives. This means an ever-growing threat for businesses as they try to keep pace with the new threats these devices present.
The Internet of Things is a seemingly ubiquitous term for the myriad of connected devices we increasingly use. From the “Smart Home” controller to the electronic sensor on a factory floor, the connected “things” that make up the Internet of Things are permeating almost every aspect of our lives.
The term’s ubiquitousness stems from our seemingly overwhelming drive to connect even the most humble of objects – whether that be your home fridge or the office printer. There are now more “things” connected to the Internet than there are human users.
As the adoption of these connected devices grows, so does the attack surface we present to would-be hackers.
What is an attack surface?
When we talk about an “attack surface” in the context of IT, we are simply referring to the points of exposure in your IT landscape; the possible ways in which a hacker might try to gain access to your company network.
Why will the Internet of Things widen the potential for attack?
We know that networks are only as secure as their weakest link. As Deloitte has stated, “While defenders are compelled to plug every security gap in their complex, changing environments, the attacker only needs to take one successful action to win.”
As you add new connected devices to your network, not only are you adding a new potential focus of attack, that device may well be your new weakest link.
The effort to secure competitive advantage is creating a rush to develop new, connected devices amongst traditional manufacturers, many of which do not have the in-house skills and knowledge to be aware of the risks. As result, some of the new Internet-capable devices being deployed today are not being developed with a close enough focus on the necessary security measures.
Why are IOT devices so attractive to hackers?
It isn’t only because they are often so poorly secured that your IoT devices are a tempting target. The IoT devices sitting within your network are attractive to potential hackers because they offer a route into your network and its data.
• They have their own IP address, making it possible to communicate with other network devices and systems.
• This gives hackers a toehold into your network – potentially exposing network traffic to the hacker.
• The hacker can then leverage established trust relationships to move around your network unnoticed.
• An infected device could be used as a launchpad for attacks on your own internal infrastructure which is usually unprotected on this side of your firewall.
• Your IoT devices could be used as part of a larger denial of service attack – such as the October 2016 Mirai attack that bought most of the Internet to a halt on America’s West Coast using insecure IoT devices.
Why is it so difficult to secure IoT devices?
As we’ve already noted, many IoT devices are inherently insecure.
But even if the device comes with good security built in, once installed IoT devices are typically poorly managed, patched and secured. Ask yourself: are your IoT devices itemised as part of your regular update plan?
The situation is further complicated because of the very nature of the devices. As Bob Tarzey notes in Computer Weekly, “the rising tide of Shadow IT and consumerisation lead lines-of-business and end users to deploy their own devices”.
Because of the ease of simply adding a new connected device to the network, IT managers and business owners don’t always have visibility of which devices are being used, where or when.
What can organisations do to protect themselves?
Network monitoring tools are a vital first step: knowing what devices have access to your network is vital if you are going to protect them.
For planned IoT deployments, security must be a critical part of purchasing decisions. Siting devices behind a gateway where security functions can be aggregated across devices helps to add an extra layer of security. Isolating network segments with secure gateways can also help to minimise the risk stemming from non-approved connected devices.
Your usual network scanning solutions will help to identify potential threats or infected devices. Ideally, you need a system that allows threats to be sandboxed and endpoints to be quarantined and their network access limited (depending on the severity of the threat detected and the permissions of the compromised device).
What can micro-businesses do to protect themselves?
Network monitoring technology can be expensive. For very small and micro businesses, they usually aren’t a realistic option (unless IT is part of your core business operations and, therefore, vital to secure).
Instead, SMB leaders should focus on:
• Research your connected device well before purchase. How much of a focus on security is there on the manufacturer’s website? What is the manufacturer doing to secure the device? Are there security concerns raised against it?
• Ensure you have strong Wi-Fi encryption. Use the strongest encryption your router can support.
• Change all standard passwords on your connected devices. Ensure that you exchange factory settings for a strong and unique password.
• Check the device to see if there are additional security configurations you can implement. These may be accessed via the device settings – or check with the manufacturer.
• Turn off all the features of the connected device that you are not using.
These simple steps will help to reduce the risk each of your connected devices pose.
Do you need additional help or advice?
Don’t worry. Grant McGregor consultants are on hand to help. Whatever the size of your business, we can help you assess IT security risks and put an action plan in place to reduce your attack surface and be prepared to deal with any threat or attack.
Contact us today 0808 164 4142.