Developing an IoT immune system

Billions of moving parts constantly talking to each other: a living network open to foreign invaders and viruses, all connected to a supercomputer that houses vast amounts of information. I'm referring to the human body, although you'd be forgiven for seeing the obvious parallels with the Internet of Things (IoT). Fortunately for us, our bodies have an immune system that has been tested over millennia to defend us against viruses, identify and destroy malicious intruders, and keep us, for the most part, in good working order. The same cannot be said for the evolving world of IoT.

And it is changing, rapidly. Gartner predicts that the number of IoT devices will triple from 7 billion to 21.5 billion, with 25% of cyberattacks targeting IoT by 2025. While these statistics are staggering, they shouldn't come as a shock. Cybercriminals are smart, cautious, and deliberate, and as such, they will identify and attack every obvious vulnerability in front of them. In its current state, the IoT might as well have a target painted on its back.

About the author: Caleb Fenton, Head of Research and Innovation, SentinelOne.

The IoT blind spot

Today, many IoT devices are a security blind spot. The cheapest devices are not designed to resist attackers or to protect the information they house, yet we have more and more of them every day. As each new device joins the network, another potential vulnerability emerges.

Let's take the example of IP security cameras. Many organizations deploy them for security and leave them sitting on the corporate network. Because the camera shares this network, if an employee from a separate department has their machine infected with malware, any criminal hacker will be able to search for devices connected to the network, find the camera, and suddenly have eyes on your organization, a frightening and potentially damaging prospect.

This is just one example of the vulnerabilities, but with so many IoT devices providing audio and visual streams, as well as access to sensitive information, it's not hard to imagine similar attacks. In fact, some of these attacks have already taken place. Take the Mirai botnet, which targeted smart home devices in 2016, especially IP cameras and basic wireless routers. The botnet has been used in some of the most damaging DDoS attacks to date, including an attack against the French hosting provider OVH and the Dyn cyberattack, which made many high-profile websites inaccessible, including Twitter, Netflix and Airbnb.

Similarly, in 2017, an IoT botnet called "Persirai" threatened to hijack more than 120,000 IP cameras, with most of the devices at risk located in China, Thailand, and the United States. In both cases, a large majority of those who owned these basic consumer devices were unaware of their threat potential. Suddenly, the potentially damaging impact of a seemingly innocent device like an IP camera became incredibly clear.

A necessary evil

Like our immune systems, cybersecurity follows a certain pattern. When a new system or device hits the market, hackers always find a way to exploit it. Developers then learn from the attacks and fix the flaws, and the cycle continues, each round making the system more secure. Just as we need colds and flu to strengthen us as we grow, hackers are an essential part of evolving and improving security measures.

For more evidence, turn to current industrial control systems. Having lived in bubbles with no exposure to the internet and the hackers that come with it, they have not had the opportunity to develop an immune system. Now that they are part of the network, we are witnessing an onslaught of cyberattacks against them, as security measures were rarely implemented on them.

Think like the enemy

Of course, just as we wouldn't voluntarily consent to serious illness to improve our health, we still have to do everything we can to deter would-be attackers, however necessary they ultimately are. So what's the answer to strengthening your organization's IoT immune system?

Thinking like an attacker is a good place to start. By examining your network and all of its connected components, from printers to cameras and more, and identifying how you would likely attempt a breach, you'll begin to see the same vulnerabilities and loopholes that criminals would find.

Another route I would recommend is to compartmentalize your network, also known as taking a software-defined perimeter approach to your endpoint security. Most networks, even those belonging to large organizations with impressive security tools, are flat. This means that if an intruder does manage to penetrate your network, they can see almost everything on it. With a compartmentalized network, the intruder would only have access to the devices that a specific machine has authenticated with in order to talk to them, limiting the potential damage.

Beyond that, better visibility on the network is necessary. With this type of asset management, organizations will be able to visualize their networks, see what is happening in real time, and stop attacks in their tracks.

In short, security measures must and will improve. We are currently at the bottom of the cycle I mentioned earlier, but with the right procedures, tools, and education, we can give IoT the immune system it needs to survive.
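To make the flat-versus-compartmentalized comparison concrete, here is an added example (not from the original article) that models both designs and computes which devices are exposed to a given endpoint. The device names, roles and allowlist are constructed for illustration; the hop-limited search goes slightly beyond the text by also showing exposure through shared devices.

```python
from collections import deque

# Constructed inventory (device -> role); not taken from the article.
INVENTORY = {
    "hr-laptop": "workstation",
    "finance-laptop": "workstation",
    "security-console": "workstation",
    "camera-recorder": "server",
    "lobby-camera": "ip-camera",
    "floor2-printer": "printer",
}

# Constructed allowlist for the compartmentalized design: a device may only
# talk to peers it has authenticated with. Pairs are bidirectional.
ALLOWED_PAIRS = {
    ("hr-laptop", "floor2-printer"),
    ("finance-laptop", "floor2-printer"),
    ("security-console", "camera-recorder"),
    ("camera-recorder", "lobby-camera"),
}

def flat_peers(device):
    """Flat network: every other device is directly visible."""
    return set(INVENTORY) - {device}

def segmented_peers(device):
    """Compartmentalized network: only authenticated peers are visible."""
    return {b if a == device else a for a, b in ALLOWED_PAIRS if device in (a, b)}

def exposure(start, peers_of, max_hops=None):
    """Devices reachable from `start` within max_hops (None = unlimited)."""
    seen, queue = {start: 0}, deque([start])
    while queue:
        node = queue.popleft()
        if max_hops is not None and seen[node] >= max_hops:
            continue  # do not expand beyond the hop limit
        for peer in peers_of(node):
            if peer not in seen:
                seen[peer] = seen[node] + 1
                queue.append(peer)
    return set(seen) - {start}

def exposed_cameras(start, peers_of, max_hops=None):
    """IP cameras that fall inside the exposure set of `start`."""
    return sorted(d for d in exposure(start, peers_of, max_hops)
                  if INVENTORY[d] == "ip-camera")
```

Running `exposure("hr-laptop", segmented_peers)` without a hop limit also returns `finance-laptop`, because the shared printer bridges the two departments; shared devices are the first thing to review when auditing a segmentation allowlist.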