The Internet of Things is a massive attack surface that grows bigger every day. These devices are often riddled with basic security problems and high-risk vulnerabilities, and they are becoming a more frequent target of sophisticated hackers, including cyber criminals and nation-states.
As attackers target the ever-growing IoT attack surface, companies can reduce their risks with these six security best practices
Create a holistic and up-to-date asset inventory
A more effective method is to discover IoT devices by interrogating them in their native language. This enables an organization to create an inventory of IoT devices that includes detailed information such as device version, model number, firmware version, serial number, running services, certificates, and credentials. With that level of detail, the organization can address these risks rather than simply discover them.
Password security is essential
IoT device attacks are simple to carry out because many of these devices still use default passwords. It’s critical to understand all of an IoT device’s details and capabilities so that effective passwords can be used and changes can be made safely. Consider replacing legacy devices with weak password parameters or no ability to provide any level of authentication with more modern products that will allow better security practices.
Manage device firmware
Because vulnerabilities are so widespread, most IoT devices run on outdated firmware, posing significant security risks. Firmware vulnerabilities leave devices open to attacks such as commodity malware, sophisticated implants and backdoors, remote access attacks, data theft, ransomware, espionage, and even physical sabotage.
IoT devices should be kept up to date with the most recent firmware version and security patches made available by vendors. To be sure, this can be difficult, especially in large organizations with hundreds of thousands to millions of these devices. However, it must be done in some way to keep the network secure. There are enterprise IoT security platforms that can automate this and other security processes at scale.
Turn off extraneous connections, and limit network access
IoT devices are often easy to discover and have too many connectivity features enabled by default, such as wired and wireless connections, Bluetooth, other protocols, Secure Shell, and telnet. This promiscuous access makes them an easy target for an external attacker.
It's important for companies to do system hardening for IoT just as they have with their IT networks. IoT device hardening involves turning off these extraneous ports and unnecessary capabilities.
Ensure certificates are effective
IoT devices are frequently easy to find and have an excessive number of connectivity features enabled by default, including wired and wireless connections, Bluetooth, other protocols, Secure Shell, and telnet. Because of their open access, they are an easy target for an external attacker.
Companies must harden their IoT systems in the same way that they hardened their IT networks. Turning off these extraneous ports and capabilities is part of IoT device hardening.
Watch out for environmental drift
Once IoT devices have been secured and hardened, it is critical that they remain secure. Environmental drift is common, as device settings and configurations can change over time as a result of firmware updates, errors, and human interference.
Key device changes to be aware of include password resets or other credential modifications that did not come from the privileged access management (PAM) system, firmware downgrades, and the reactivation of insecure services.
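One way to check for the drift described above, shown as an added example that is not part of the original article: it compares a hardened baseline inventory against a later scan and flags firmware downgrades, re-enabled insecure services, and credential changes that did not come from the PAM. The record fields, the insecure-service list, and the sample devices are constructed assumptions.

```python
# Added example; record fields and sample data are constructed assumptions.
INSECURE_SERVICES = {"telnet", "ftp"}  # assumption: services that site policy forbids


def rec(fw, services, cred_at, cred_by):
    """Build one inventory record (hypothetical schema)."""
    return {"firmware": fw, "services": services,
            "cred_changed_at": cred_at, "cred_changed_by": cred_by}


# Constructed snapshots keyed by serial number: hardened baseline vs. latest scan.
BASELINE = {
    "CAM-001": rec("2.10.3", ["https", "ssh"], "2024-01-10", "pam"),
    "PLC-007": rec("1.4.0", ["https"], "2024-01-10", "pam"),
    "HVAC-003": rec("3.0.1", ["https"], "2024-01-10", "pam"),
}
CURRENT = {
    "CAM-001": rec("2.9.8", ["https", "ssh", "telnet"], "2024-01-10", "pam"),
    "PLC-007": rec("1.4.0", ["https"], "2024-03-02", "local-admin"),
    "HVAC-003": rec("3.1.0", ["https"], "2024-02-15", "pam"),
}


def parse_version(v):
    """'2.10.3' -> (2, 10, 3); a plain string compare would rank 2.9.8 above 2.10.3."""
    return tuple(int(part) for part in v.split("."))


def detect_drift(baseline, current):
    """Return sorted (serial, finding) pairs for the key changes named in the text."""
    findings = []
    for serial, now in current.items():
        base = baseline.get(serial)
        if base is None:
            findings.append((serial, "device not in baseline inventory"))
            continue
        if parse_version(now["firmware"]) < parse_version(base["firmware"]):
            findings.append((serial, f"firmware downgrade {base['firmware']} -> {now['firmware']}"))
        reopened = (set(now["services"]) - set(base["services"])) & INSECURE_SERVICES
        findings += [(serial, f"insecure service re-enabled: {s}") for s in sorted(reopened)]
        if (now["cred_changed_at"] != base["cred_changed_at"]
                and now["cred_changed_by"] != "pam"):
            findings.append((serial, f"credential changed outside PAM by {now['cred_changed_by']}"))
    return sorted(findings)


if __name__ == "__main__":
    for serial, finding in detect_drift(BASELINE, CURRENT):
        print(serial, finding)
```

HVAC-003 produces no finding because its firmware moved forward and its credential rotation came from the PAM.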