Billions of moving parts constantly talking to one another; a living network open to foreign invaders and viruses, all connected to a supercomputer housing a wealth of information. I’m referring to the human body, though you’d be forgiven for seeing the obvious parallels with the Internet of Things (IoT).
Luckily for us, our bodies house a millennia-old, tried-and-tested immune system to defend us against viruses, identify and destroy malicious intruders and keep us, for the most part, running smoothly. But the same can’t be said for the evolving world of IoT.
About the author
Caleb Fenton, Research and Innovation Lead, SentinelOne.
And it’s evolving – rapidly. Gartner predicts that the number of IoT devices will triple from seven billion to 21.5 billion, with 25% of cyber attacks targeting the IoT by the year 2025.
While these are staggering statistics, they shouldn’t come as a surprise; cybercriminals are clever, careful and considered, and as such will identify and target any obvious vulnerabilities before them. In its current state then, the IoT may as well have a target painted on its back.
The IoT blindspot
Currently, many IoT devices are a security blindspot. Cheaper devices aren’t built to withstand attackers nor protect the information they house, yet we’re increasingly owning more of them every day. As every new device joins the network, so too comes another potential vulnerability.
Take IP security cameras for example. Many organisations house these for security, and they sit on the corporate network. Because the camera shares that network, if an employee in a separate department has their machine infected with malware, any criminal intruders will be able to scan the network for connected devices, find the camera, and suddenly have eyes in your organisation – a frightening and potentially damaging prospect.
This is just one example of the vulnerabilities, but with so many IoT devices providing audio and visual feeds, as well as access to sensitive information, it’s not difficult to imagine similar attacks.
In fact, some of these attacks have already happened. Take the Mirai botnet, which in 2016 targeted smart home devices, in particular IP cameras and basic wireless routers. The botnet was utilised in some of the most disruptive DDoS attacks to date, including an attack on French web host OVH, and the Dyn cyber attack, which resulted in the inaccessibility of numerous high-profile websites, such as Twitter, Netflix and Airbnb.
Similarly, in 2017, an IoT botnet dubbed ‘Persirai’ threatened to hijack over 120,000 IP cameras, with most at-risk devices found in China, Thailand, and the US. In both cases a large majority of those who owned such basic home consumer devices were unaware of their threat potential. Suddenly, the possible detrimental impact of a seemingly innocent device, such as an IP camera, became startlingly clear.
A necessary evil
Just like our immune systems, cyber security follows a certain pattern. When any new system or device enters the market, hackers always find a way to exploit it. Developers then learn and patch it up, and the cycle continues, hardening security each time. Just as we need colds and flus to strengthen us as we grow, hackers are a vital part of evolving and improving security measures.
For further proof, turn your eyes to today’s industrial control systems. Having lived in bubbles with no exposure to the internet and the hackers that come with it, they haven’t had the chance to develop an immune system. Now that they’re becoming a part of the network, we’re seeing an onslaught of cyber attacks against them, as they rarely have developed security measures in place.
Think like the enemy
Of course, just as we wouldn’t willingly offer ourselves up to a serious disease for the betterment of our health, we still need to do all we can to deter would-be attackers – as necessary as they may ultimately be. So, what is the answer to bolstering your organisation’s IoT immune system?
Thinking like an attacker is a great place to start. By looking at your network and all its connected components – from printers to cameras and more – and identifying how you would likely attempt a breach, you will begin to see the same vulnerabilities and gaps that criminals would target.
Another route I would strongly recommend is compartmentalising your network, otherwise known as taking a Software Defined Perimeter approach to your endpoint security. Most networks, even those belonging to large organisations with impressive security tools in place, are flat. This means that if an intruder successfully breaches the network, they can see a broad swathe of almost everything on it. With a compartmentalised network, the intruder would only have access to the devices that specific machine is authenticated to talk to, thereby limiting the potential damage.
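To make the difference between a flat and a compartmentalised network concrete, the following added example (not part of the original article) computes how far a single infected machine can reach under each policy. The host names, segments and allow-list are constructed for illustration.

```python
from collections import deque

# Constructed inventory (hypothetical hosts): host name -> segment.
HOSTS = {
    "hr-laptop": "workstations",
    "finance-pc": "workstations",
    "printer-2f": "printers",
    "lobby-camera": "cameras",
    "camera-nvr": "cameras",
    "file-server": "servers",
}

# Compartmentalised policy: default deny, each host lists who it may talk to.
ALLOW = {
    "hr-laptop": {"file-server", "printer-2f"},
    "finance-pc": {"file-server", "printer-2f"},
    "camera-nvr": {"lobby-camera"},
    "lobby-camera": {"camera-nvr"},
}

def flat_policy(src, dst):
    """Flat network: any host may open a connection to any other host."""
    return src != dst

def segmented_policy(src, dst):
    """Compartmentalised network: only explicitly allowed pairs may talk."""
    return dst in ALLOW.get(src, set())

def blast_radius(start, policy):
    """Hosts reachable from one compromised host, following allowed
    connections transitively (breadth-first search over the policy)."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for dst in HOSTS:
            if dst not in seen and policy(cur, dst):
                seen.add(dst)
                queue.append(dst)
    return seen - {start}

def hosts_that_can_reach(segment, policy):
    """Audit check: hosts outside a segment whose compromise exposes it."""
    targets = {h for h, s in HOSTS.items() if s == segment}
    return sorted(h for h, s in HOSTS.items()
                  if s != segment and blast_radius(h, policy) & targets)

if __name__ == "__main__":
    for name, policy in (("flat", flat_policy), ("segmented", segmented_policy)):
        print(name, sorted(blast_radius("hr-laptop", policy)),
              hosts_that_can_reach("cameras", policy))
```

Running the audit function against a real allow-list after every policy change shows whether a new rule has quietly reconnected the camera segment to the rest of the network.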
Beyond this, much better visibility into the network is required. With this type of asset management, organisations will be able to visualise their networks, see what’s happening in real time and stop attacks in their tracks.
Ultimately security measures need to, and will, improve. We’re currently at the low point of the cycle I mentioned earlier, but with the right procedures, tools and education in place, we can give the IoT the immune system it needs to survive.