More than 30% of the devices on your network belong to the Internet of things. Globally, there are already millions of
The main problem: all these devices can be a gateway for an intruder to access your network. The company’s employees bring such devices and connect them to the wireless network. None of the manufacturers try to make such devices secure. That is why they find vulnerabilities in such devices that allow them to be accessed and the next step is to access the entire network.
According to a study by Palo Alto Networks’ UNIT42 laboratory, 57% of IoT devices have medium and high criticality vulnerabilities. Can you trust the kind of vulnerable devices that your employees bring into your network? These devices are invisible to conventional controls, difficult to update, can’t be placed on standard security agents, they are omnipresent and cheap. Threats of attacks through IoT can no longer be ignored. It is already necessary to look for a solution. According to a McKinsey survey, 75% of companies give top priority to IoT threats.
Changing standard passwords to complex secret passwords is the foundation of IoT security. As soon as the IoT device connects to the network, the security command should immediately change the default password to passwords that comply with the organization’s policy.
According to a survey of 1350 IT managers in different countries, it was found that the network finds quite unusual devices: portable medical devices, coffee machines and kettles, electronic scales, game devices, children’s toys. Already there are smart trash cans in networks, washing machines, bulbs and sockets operated through the Internet. The device with the price of 1 dollar can be connected to the network and threaten the company with the price of a million dollars.
You can not protect yourself from what you do not see. Modern security systems come to your aid: they easily distinguish the webcam from the payment terminal and from the smart TV using machine learning. The best solutions can also identify the manufacturer and software versions. Also, the control of device behavior allows you to assign to each of their risk levels and to track attacks in time.
Infection cases have already been identified. For example, in one case, a coffee machine was infected with a cryptolocker and encrypted the chemical plant control systems located in the same wifi network.
Blocking IoT attacks: segmenting, behavioral analysis, updates, attack detection
The main protection method is network segmentation. Modern manufacturers have equipped the new generation of NGFW with IoT control functions to control devices and files that come to them on a new level. Standard VLAN technologies allow separating network segments.
Also, device behavior and necessary lockouts are implemented by modern firewalls and behavior control systems such as NTA and UEBA.
And also the use of NGFW allows you to enable built-in attack detection and blocking mechanisms (IPS).