The Internet of Things is a massive attack surface that grows bigger every day. These devices are often riddled with basic security problems and high-risk vulnerabilities, and they are becoming a more frequent target of sophisticated hackers, including cyber criminals and nation-states.
A more effective method is to discover IoT devices by interrogating them in their native language. This lets an organization build an inventory of IoT devices that includes detailed information such as device version, model number, firmware version, serial number, running services, certificates, and credentials. With that inventory, the organization can address these risks rather than simply discover them.
IoT device attacks are simple to carry out because many of these devices still use default passwords. It’s critical to understand all of an IoT device’s details and capabilities so that effective passwords can be used and changes can be made safely. Consider replacing legacy devices that have weak password parameters, or that cannot provide any level of authentication, with more modern products that allow better security practices.
Most IoT devices run on outdated firmware, and because vulnerabilities are so widespread, this poses significant security risks. Firmware vulnerabilities leave devices open to attacks such as commodity malware, sophisticated implants and backdoors, remote access attacks, data theft, ransomware, espionage, and even physical sabotage.
IoT devices should be kept up to date with the most recent firmware version and security patches made available by vendors. To be sure, this can be difficult, especially in large organizations with hundreds of thousands to millions of these devices. However, it must be done in some way to keep the network secure. There are enterprise IoT security platforms that can automate this and other security processes at scale.
IoT devices are often easy to discover and have too many connectivity features enabled by default, such as wired and wireless connections, Bluetooth, other protocols, Secure Shell, and telnet. This promiscuous access makes them an easy target for an external attacker.
It’s important for companies to harden their IoT systems just as they have hardened their IT networks. IoT device hardening involves turning off these extraneous ports and unnecessary capabilities.
IoT devices are frequently easy to find and have an excessive number of connectivity features enabled by default, including wired and wireless connections, Bluetooth, other protocols, Secure Shell, and telnet. Because of their open access, they are an easy target for an external attacker.
Companies must harden their IoT systems in the same way that they hardened their IT networks. Turning off these extraneous ports and capabilities is part of IoT device hardening.
Once IoT devices have been secured and hardened, it is critical that they remain secure. Environmental drift is common, as device settings and configurations can change over time as a result of firmware updates, errors, and human interference.
Key device changes to watch for include password resets or other credential modifications that did not come from the privileged access management (PAM) system, firmware downgrades, and the reactivation of insecure services.
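
One way to automate the three drift checks listed above, as an added example that is not from the original article: it compares a hardened baseline inventory with a later scan. The record fields, the insecure-service list, the PAM rotation log format and all sample data are assumptions constructed for illustration.

```python
# Added example: drift check between a hardened baseline and a later inventory scan.
# Field names and the PAM log format are hypothetical; adapt them to your inventory tool.
INSECURE_SERVICES = {"telnet", "ftp", "http"}  # assumed policy, not from the article

def parse_version(v):
    """'2.10.3' -> (2, 10, 3) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in v.split("."))

def detect_drift(baseline, current, pam_rotations):
    """Return sorted (serial, finding) tuples for the drift types named in the text."""
    findings = []
    for serial, now in current.items():
        base = baseline.get(serial)
        if base is None:  # edge case: device appeared after the baseline was taken
            findings.append((serial, "device not in baseline inventory"))
            continue
        if parse_version(now["firmware"]) < parse_version(base["firmware"]):
            findings.append((serial, f"firmware downgrade {base['firmware']} -> {now['firmware']}"))
        reenabled = (set(now["services"]) - set(base["services"])) & INSECURE_SERVICES
        for svc in sorted(reenabled):
            findings.append((serial, f"insecure service re-enabled: {svc}"))
        rotated_by_pam = (serial, now["cred_changed"]) in pam_rotations
        if now["cred_changed"] != base["cred_changed"] and not rotated_by_pam:
            findings.append((serial, "credential change not recorded by PAM"))
    return sorted(findings)

# Constructed sample data (serials, versions and timestamps are made up).
BASELINE = {
    "CAM-001": {"firmware": "2.10.3", "services": ["https", "ssh"], "cred_changed": "2024-01-10T08:00:00Z"},
    "PRN-002": {"firmware": "5.1.0", "services": ["https"], "cred_changed": "2024-01-10T08:05:00Z"},
    "HVAC-003": {"firmware": "1.4.0", "services": ["https"], "cred_changed": "2024-01-10T08:10:00Z"},
}
CURRENT = {
    "CAM-001": {"firmware": "2.9.8", "services": ["https", "ssh", "telnet"], "cred_changed": "2024-01-10T08:00:00Z"},
    "PRN-002": {"firmware": "5.1.0", "services": ["https"], "cred_changed": "2024-03-02T14:30:00Z"},
    "HVAC-003": {"firmware": "1.4.0", "services": ["https"], "cred_changed": "2024-03-05T02:11:00Z"},
}
PAM_ROTATIONS = {("PRN-002", "2024-03-02T14:30:00Z")}  # rotations the PAM system performed

if __name__ == "__main__":
    for serial, finding in detect_drift(BASELINE, CURRENT, PAM_ROTATIONS):
        print(f"{serial}: {finding}")
```

The CAM-001 record shows why versions are compared as integer tuples: as plain strings, "2.9.8" sorts after "2.10.3" and the downgrade would be missed.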