Interconnected devices are becoming the standard across all facets of technology. We are seeing this in everything from smart cities to tea pots and toasters. New IoT devices are popping up daily, rapidly adding to the 23 billion that already exist. These devices are designed for availability, accuracy and efficient work. Unfortunately, unprecedented numbers of these devices are hitting the market with poor security access control and little to no management oversight, making them a prime target for cyberattack. The goal of an attack is to control the device, but more common and concerning are the new ways an attacker can use devices to gain access to corporate, medical or operational networks. As a result, organizations must change the way they approach their security controls. It is no longer feasible to assume a security team can find every endpoint device, much less secure them.
The concept of predict, prevent, detect, respond are not new and are commonly seen within security frameworks. There is an imbalance of investment in prevention, which creates exposure when these defenses fail or get bypassed. With the proliferation of IoT devices that lack necessary security controls and governance, they create new risks that must be addressed. Organizations must address the cyber battle inside the network and focus on scalable early detection and programs that efficiently respond to successful infiltration.
IoT is a challenging, top-of-mind concern for defenders. In a recent Attivo Networks survey of more than 450 cybersecurity professionals, one-third of respondents reported securing specialized environments, such as IoT, as a top concern. Post-survey discussions indicated these concerns were based on lack of visibility into devices added to the network, ability to change or control passwords, ability to patch devices and lack of awareness when these devices were being misused. In the case of medical IoT, it is often illegal to make changes to these devices based on the concern that any post-factory adjustment could alter the operation of the device and potentially negatively affect patient safety.
Here are some of the most common threats facing these highly targeted attack surfaces and tips on how to guard against them:
Protecting specialized networks
Specialized networks have become increasingly common as the need for interconnected communications and on-demand services soars. A wide variety of industries are rapidly adopting interconnected devices in the forms of SCADA, IoT, and point of sale, which can be useful for delivering services, recording activities, relaying medical information and financial transactions. Growth in this area shows no sign of slowing, with an estimated 50 billion connected IoT devices expected by next year. The growth means potential new entry points for attackers.