The Internet of Things or IoT is now practically part of our lives, home or work. But the security of IoT deployments is now a perennial concern for organizations while offering secure ecosystems for all. Organizations are critically evaluating their security robustness as the threat landscape becomes complex.
749 billion USD was expected to be spent on IoT worldwide as per 2020 statistics, and global spending on IoT was predicted to touch 1.1 trillion USD by 2023. Interestingly, improving security was a key spending driver for most businesses when it came to adopting IoT.
Ransomware and IoT attacks are converging, doubling the ransomware attacks in 2020 and 2021, as confirmed by the Identity Theft Resource Center. The Mirai botnet attack in 2016 is a rude reminder of the unprecedented 1 Tbps distributed denial of service (DDoS) attack launched by compromising more than 145,000 IoT devices.
However, there are ways and means to protect IoT devices and the entire ecosystem from different threats and attacks.
IoT Device Security – The threat is bigger than you think
According to the Forrester report, the State of Enterprise IoT Security in North America that Armis commissioned, 74% of the survey respondents felt their security controls and practices needed to be improved to secure their managed and unmanaged assets. What made the situation worse was the tendency of organizations to work in silos for risk management. This posed a problem for unmanaged devices outside the office environment. A classic example is industrial process plants, where field and maintenance managers manage connected devices. Keith Walsh, OT security and operations director at Armis, explains, “Asset visibility is the first step in developing a security framework. You can’t secure what you can’t see.”
The pandemic has further aggravated the problem, as pointed out by an IoT Security Report 2021 by Palo Alto Networks. As per the report, 81% of those with IoT devices connected to their organization’s network confessed that working from home has led to greater vulnerability due to an increase in unsecured IoT devices.
The Colonial Pipeline hit by Darkside ransomware in 2021 was proof of how vulnerable the pipeline’s digital systems were. What’s worse is that the ransomware group behind the infamous hack is adding new capabilities by way of tactics, tools, and procedures to make hacking even easier.
In the first half of 2021, from January to June, there have been 1.51 billion breaches of IoT devices, posing a predicament for enterprise systems worldwide. In that period, 16 large-scale data leaks occurred in Vietnam, primarily due to compromised IoT, and jeopardized 97,000 banking and financial securities accounts.
What you need to do
Collaboration, clarity, and a stronger defense can help organizations address the IoT security concern. Here are a few ways to consider securing IoT devices effectively.
Ensure device discovery – You need to know the exact number of IoT devices connected to a network to secure them. You can only maintain a detailed inventory and identify the connected IoT assets if you have complete visibility. The visibility comes from details; note the specifics such as the manufacturer and model ID, the serial number, hardware, software, and configuration applied. You can then determine the risk profile for every device and how it impacts other connected devices within the network. These are the first steps to help you get started with proper segmentation for creating a firewall policy and updating your asset map.
Use network segmentation – Network segmentation greatly reduces the attack surface and offers granular control over the lateral movement between devices and workloads. It divides the network into two or more sections, thereby setting controls on the communication between endpoints. In the absence of such segments, diverse endpoints communicate directly within the unsegmented network, making it highly vulnerable. A single instance of compromise allows hackers to launch attacks laterally and endangers the whole network.
Adopt device authentication practices – Poor passwords can be a threat and lead to password-related attacks on IoT devices. A strong password is critical to secure IoT endpoints. Every time a new IoT device is connected to the network, resetting the old password with a more complex one is recommended. The new password should be unique and comply with all the guidelines of your organization’s password policies and management companies. A two-level authentication can also protect credentials and keep hackers at bay.
Patch and update firmware – Modern IT companies patch security flaws through regular updates. However, there are still countless companies out there that do not fix and let security flaws reside in their ecosystems indefinitely. But this practice can cause a lot of harm, especially in devices with long shelf life. The manufacturer may even discontinue supporting them. It is always a good idea to download new security patches from their website for known vulnerabilities and patch your devices regularly. Recurrent patch management and firmware upgrades should be essential to the security measures you implement within your organization to protect IoT devices. Many organizations are adding dedicated IoT-aware files, web threat prevention, and virtual patching to add more security layers and prevent data loss and intrusion.
Ensure 24X7 monitoring – Real-time monitoring is necessary to manage and mitigate IoT risks. Traditional solutions need to be equipped to protect IoT assets. Using a real-time IoT monitoring solution is the easiest way to review and assess the behavior of all network-connected IoT endpoints. It can seamlessly blend within your current security setup and should be considered while planning for your firewall investment to keep up with the dangerously high pace of invasion.
Mitigating IoT risks through collaboration and IT-OT convergence
IoT security is everybody’s responsibility; hence, every employee must comply with and update new policies implemented within an organization. A vulnerability disclosure program and product incident response can help enhance cybersecurity and encourage everyone to adopt best practices. Most importantly, operation technology (OT) teams and information technology (IT) teams must work collaboratively to make IoT security a reality. Both teams need to be given consistent visibility into the environment to ensure monitoring and enforcement. Culturally diverse, the teams can still work in tandem irrespective of the systems they are securing if they are provided this access.
Improve your IoT security posture with Trigent
It can be overwhelming to secure your IoT devices while managing the complex IoT lifecycle. Especially when different devices are exposed to multiple environments, some will be more susceptible to cyberattacks than others.
Our technology experts at Trigent can help you eliminate the risk of unsecured IoT with comprehensive cybersecurity solutions and industry best practices. Look no further if you wish to strengthen your cybersecurity defense while staying cost-efficient.