As IoT use ramps up, so do attacks on networks
- By Peter Martini
- Feb 28, 2018
While the public is increasingly aware of the internet-of-things technology all around them, many people remain blind to how vulnerable IoT leaves them to data theft. What’s even more concerning is that the threat landscape is maturing, faster than many network administrators can keep pace with.
That’s because the distributed denial of service attacks and highly disruptive network shutdowns that characterized IoT hacking in the past are becoming far more targeted and sophisticated. This is especially concerning for major infrastructure projects that leverage IoT tools, as hacks into these networks can leave entire municipal data stores vulnerable to theft.
From “muscle-flexing” to financial gain
In 2016 and 2017, there were a rash of DDoS attacks targeting IoT devices that really started giving cybersecurity experts pause about the rapid adoption of new connected devices.
The Mirai attack was one such DDoS operation that used an army of botnet-infected IoT devices to flood networks like Twitter, GitHub and PlayStation -- just to name a few -- with “loud” network traffic. This drowned out legitimate directives from network administrators attempting to mediate the attack, forcing the servers to shut down as traffic overwhelmed their operations.
Closed-circuit TV cameras -- used by both private and public entities -- were the top device compromised in these attacks.
While the Mirai attack caused headaches and ran up hefty bills for remediation at the companies affected, it was largely considered an exercise in showboating. Pras Jha, who pleaded guilty to orchestrating the attack alongside two classmates, was able to make vulnerabilities to IoT networks glaringly obvious. This opened the door up to a new generation of attackers to “one-up” Jha by attacking financial assets, taking advantage of readily available ransomware to exploit poorly secured IoT networks for big pay offs.
Forward-facing protections a must
Many IT teams and network security administrators are already taking exhaustive measures to future-proof their networks for tomorrow's advanced threats. While these teams may be taking stock of the mobile devices, branch offices and remote workers that need protection across their network, IoT devices will to increase the number of devices by a significant order of magnitude. Even if IT managers are dedicating separate networks for IoT, administrators must use the same diligence in making sure these networks are as manageable as possible. This includes assessing their hardware for security gaps, including weak encryption implementation or inadequate patching functions.
For instance, where encryption is involved, IT teams must ensure that data is encrypted while at rest and in motion. Just relying on full-disk encryption, for instance, will help secure data when a device or server is turned off. But as soon as a user logs on or powers up the technology housing that content, anyone -- including bad actors who entered the network during downtime -- can access that previously encrypted data.
Rather, teams must use encryption at all times, employing solutions that leverage industry standards like SSL to ensure protections are up to date. Equally important -- if not even more so -- is ensuring that encryption keys are stored privately and offline – not within a server with access to the network.
Organizations must also ensure that they are putting defenses at network gateways to stop bad actors from accessing data stores to begin with. This requires teams to take a “defense-in-depth” approach to network security, putting as many layers of protections at network gateways as possible. Just relying on firewalls, for instance, won’t suffice as these protections only look at packets of data streaming past the perimeter -- not the whole file. Standard proxies, too, can complement the firewall protections, but they still have their limitations and usually require constant tweaking.
Instead, secure web gateways that fold a consortium of solutions into a single management console can help bring sanity and clarity to an otherwise messy network of interconnected devices. Firewalls, proxies and an array of active defense mechanisms -- from sandboxing to content filtering – can be combined into an effective network gateway to block bad actors from entering the network and leaving with valuable data.
Even the most extensive network security solutions can’t thwart every threat -- especially as IoT devices make network security more complicated than ever before. But with risks rapidly growing, organizations would be wise to explore the most extensive defenses possible.
Peter Martini is the president and co-founder of iBoss.