How Internet Things Threaten Your Company’s Security

How Internet Things Threaten Your Company’s Security

More than 30% of the devices on your network belong to the Internet of things. Globally, there are already millions of wireless devices with Internet updates and communicating with each other: fitness bracelets on hand, doorbells, refrigerators and home file storage systems, video cameras in banks, building climate systems, robots in production, POS machines in stores, medical equipment in hospitals, portable medical devices for blood pressure and sugar control.

The main problem: all these devices can be a gateway for an intruder to access your network. The company’s employees bring such devices and connect them to the wireless network. None of the manufacturers try to make such devices secure. That is why they find vulnerabilities in such devices that allow them to be accessed and the next step is to access the entire network.

There is a history when the intruders were able to access casino network client data via the aquarium temperature sensor in the hall. The break-in was only detected after the data was stolen.

According to a study by Palo Alto Networks’ UNIT42 laboratory, 57% of IoT devices have medium and high criticality vulnerabilities. Can you trust the kind of vulnerable devices that your employees bring into your network? These devices are invisible to conventional controls, difficult to update, can’t be placed on standard security agents, they are omnipresent and cheap. Threats of attacks through IoT can no longer be ignored. It is already necessary to look for a solution. According to a McKinsey survey, 75% of companies give top priority to IoT threats.

Password policy

Changing standard passwords to complex secret passwords is the foundation of IoT security. As soon as the IoT device connects to the network, the security command should immediately change the default password to passwords that comply with the organization’s policy.

Device detection

According to a survey of 1350 IT managers in different countries, it was found that the network finds quite unusual devices: portable medical devices, coffee machines and kettles, electronic scales, game devices, children’s toys. Already there are smart trash cans in networks, washing machines, bulbs and sockets operated through the Internet. The device with the price of 1 dollar can be connected to the network and threaten the company with the price of a million dollars.

You can not protect yourself from what you do not see. Modern security systems come to your aid: they easily distinguish the webcam from the payment terminal and from the smart TV using machine learning. The best solutions can also identify the manufacturer and software versions. Also, the control of device behavior allows you to assign to each of their risk levels and to track attacks in time.

Infection cases have already been identified. For example, in one case, a coffee machine was infected with a cryptolocker and encrypted the chemical plant control systems located in the same wifi network.

Blocking IoT attacks: segmenting, behavioral analysis, updates, attack detection

The main protection method is network segmentation. Modern manufacturers have equipped the new generation of NGFW with IoT control functions to control devices and files that come to them on a new level. Standard VLAN technologies allow separating network segments.
Also, device behavior and necessary lockouts are implemented by modern firewalls and behavior control systems such as NTA and UEBA.

And also the use of NGFW allows you to enable built-in attack detection and blocking mechanisms (IPS).


Source – LiNK

WARNING! All links in the articles may lead to malicious sites or contain viruses. Follow them at your own risk. Those who purposely visit the article know what they are doing. Do not click on everything thoughtlessly.


0 0 vote
Article Rating
Notify of
Inline Feedbacks
View all comments

Do NOT follow this link or you will be banned from the site!
Would love your thoughts, please comment.x

Spelling error report

The following text will be sent to our editors: