The Internet of Things is a massive attack surface that grows bigger every day. These devices are often riddled with basic security problems and high-risk vulnerabilities, and they are becoming a more frequent target of sophisticated hackers, including cyber criminals and nation-states.
𝗔𝘀 𝗮𝘁𝘁𝗮𝗰𝗸𝗲𝗿𝘀 𝘁𝗮𝗿𝗴𝗲𝘁 𝘁𝗵𝗲 𝗲𝘃𝗲𝗿-𝗴𝗿𝗼𝘄𝗶𝗻𝗴 𝗜𝗼𝗧 𝗮𝘁𝘁𝗮𝗰𝗸 𝘀𝘂𝗿𝗳𝗮𝗰𝗲, 𝗰𝗼𝗺𝗽𝗮𝗻𝗶𝗲𝘀 𝗰𝗮𝗻 𝗿𝗲𝗱𝘂𝗰𝗲 𝘁𝗵𝗲𝗶𝗿 𝗿𝗶𝘀𝗸𝘀 𝘄𝗶𝘁𝗵 𝘁𝗵𝗲𝘀𝗲 𝘀𝗶𝘅 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗯𝗲𝘀𝘁 𝗽𝗿𝗮𝗰𝘁𝗶𝗰𝗲𝘀
𝐂𝐫𝐞𝐚𝐭𝐞 𝐚 𝐡𝐨𝐥𝐢𝐬𝐭𝐢𝐜 𝐚𝐧𝐝 𝐮𝐩-𝐭𝐨-𝐝𝐚𝐭𝐞 𝐚𝐬𝐬𝐞𝐭 𝐢𝐧𝐯𝐞𝐧𝐭𝐨𝐫𝐲
A more effective method is to discover IoT devices by interrogating them in their native language. This enables an organization to create an inventory of IoT devices that includes detailed information such as device version, model number, firmware version, serial number, running services, certificates, and credentials. This enables the organization to address these risks rather than simply discover them.
𝐏𝐚𝐬𝐬𝐰𝐨𝐫𝐝 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐢𝐬 𝐞𝐬𝐬𝐞𝐧𝐭𝐢𝐚𝐥
IoT device attacks are simple to carry out because many of these devices still use default passwords. It’s critical to understand all of an IoT device’s details and capabilities so that effective passwords can be used and changes can be made safely. Consider replacing legacy devices with weak password parameters or no ability to provide any level of authentication with more modern products that will allow better security practices.
𝐌𝐚𝐧𝐚𝐠𝐞 𝐝𝐞𝐯𝐢𝐜𝐞 𝐟𝐢𝐫𝐦𝐰𝐚𝐫𝐞
Because vulnerabilities are so widespread, most IoT devices run on outdated firmware, posing significant security risks. Devices are vulnerable to attacks such as commodity malware, sophisticated implants and backdoors, remote access attacks, data theft, ransomware, espionage, and even physical sabotage due to firmware vulnerabilities.
IoT devices should be kept up to date with the most recent firmware version and security patches made available by vendors. To be sure, this can be difficult, especially in large organizations with hundreds of thousands to millions of these devices. However, it must be done in some way to keep the network secure. There are enterprise IoT security platforms that can automate this and other security processes at scale.
𝐓𝐮𝐫𝐧 𝐨𝐟𝐟 𝐞𝐱𝐭𝐫𝐚𝐧𝐞𝐨𝐮𝐬 𝐜𝐨𝐧𝐧𝐞𝐜𝐭𝐢𝐨𝐧𝐬, 𝐚𝐧𝐝 𝐥𝐢𝐦𝐢𝐭 𝐧𝐞𝐭𝐰𝐨𝐫𝐤 𝐚𝐜𝐜𝐞𝐬𝐬
IoT devices are often easy to discover and have too many connectivity features enabled by default, such as wired and wireless connections, Bluetooth, other protocols, Secure Shell, and telnet. This promiscuous access makes them an easy target for an external attacker.
It’s important for companies to do system hardening for IoT just as they have with their IT networks. IoT device hardening involves turning off these extraneous ports and unnecessary capabilities
𝐄𝐧𝐬𝐮𝐫𝐞 𝐜𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐞𝐬 𝐚𝐫𝐞 𝐞𝐟𝐟𝐞𝐜𝐭𝐢𝐯𝐞
IoT devices are frequently easy to find and have an excessive number of connectivity features enabled by default, including wired and wireless connections, Bluetooth, other protocols, Secure Shell, and telnet. Because of their open access, they are an easy target for an external attacker.
Companies must harden their IoT systems in the same way that they hardened their IT networks. Turning off these extraneous ports and capabilities is part of IoT device hardening.
𝐖𝐚𝐭𝐜𝐡 𝐨𝐮𝐭 𝐟𝐨𝐫 𝐞𝐧𝐯𝐢𝐫𝐨𝐧𝐦𝐞𝐧𝐭𝐚𝐥 𝐝𝐫𝐢𝐟𝐭
Once IoT devices have been secured and hardened, it is critical that they remain secure. Environmental drift is common, as device settings and configurations can change over time as a result of firmware updates, errors, and human interference.
Key device changes to be aware of include password resets or other credential modifications that did not come from the PAM, firmware downgrades, and the reactivation of insecure services.