
The Internet of Things: A New Opportunity for Hackers

The Internet of Things is an exciting and innovative technological evolution that is changing the way we live, do business, and interact.  The IoT provides improvements in efficiency, convenience, and overall business processes.  Such technological advancements are welcomed and ought to be embraced.  However, from a cybersecurity standpoint, the IoT causes more problems and challenges than it fixes.  Any organization actively adopting the IoT must make security a key priority.

There is huge market demand for the IoT. However, the IoT was not created with security in mind. Research conducted by Statista projects that the number of IoT connected devices worldwide will amount to 30.9 billion units by 2025, an exponential increase from the 13.8 billion units in 2021. As such, companies are producing products as fast as they can get them to market. Often this means products are not being developed with security in mind; vulnerabilities in the code are common.

Similarly, when companies purchase smart devices and integrate them, they often do not consider the security risk the devices may pose. Perhaps the device is innocuous: a one-off integration that connects to the network to maintain quality. But as more and more IoT devices are connected to the network, the attack surface grows, providing hackers with increased opportunity for exploitation.

Two popular attacks that kicked off the IoT hacks we commonly see today illustrate the risk the IoT exposes: a casino breach via a smart thermometer and the Mirai IoT botnet.



IoT Popular Hack #1: Casino

In the legendary casino breach, it was reported that hackers accessed and stole the casino's high-roller database by exploiting the aquarium thermometer. Through reconnaissance efforts, the hackers discovered the thermometer and exploited it to access the corporate network. Once in the corporate network, they traversed it, discovered the database, and pulled it off the network.

This perfectly illustrates the risk that IoT introduces into the enterprise environment. A random, seemingly innocent device is not developed securely. Said device is deployed and connected to the corporate network. Hackers discover it, exploit it, and then steal data.

IoT Popular Hack #2: Mirai Botnet

Recognizing the security deficiencies in the IoT, the people behind the botnet scanned the internet looking for open Telnet ports. Once these were identified, they attempted to log in to those devices using a variety of common default usernames and passwords. On devices they were able to log into successfully, the Mirai tool was installed and turned the device into a bot.

A majority of the devices that became bots in this digital army were IoT devices.  Again, this is because they were not built with security in mind and Telnet is an easy way for administrators to remotely access the system for maintenance.

So in this case, the IoT was not the means by which the hackers launched a data breach; rather, corporate assets were hijacked to be used in an attack.
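The scanning behaviour described above leaves a recognizable trace in firewall logs: one source attempting Telnet against many distinct hosts. The following is an added example, not part of the original article; the log format, the 10.0.0.0/8 internal range and the threshold are assumptions. It flags such sources and separates inbound scans from internal devices scanning outward, which may indicate a device that has already been turned into a bot.

```python
import ipaddress
import re
from collections import defaultdict

# 23 is the standard Telnet port; 2323 is a common alternate on embedded devices.
TELNET_PORTS = {23, 2323}
# Assumption: the organization's internal address space.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
LINE_RE = re.compile(r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+)")

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def find_telnet_sweepers(lines, min_targets=3):
    """Map each source that tried Telnet on >= min_targets distinct hosts
    to its target count and whether it sits inside or outside the network."""
    targets = defaultdict(set)
    for line in lines:
        m = LINE_RE.search(line)
        if not m or int(m["dpt"]) not in TELNET_PORTS:
            continue
        try:
            ipaddress.ip_address(m["src"])
            ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # skip lines with malformed addresses
        targets[m["src"]].add(m["dst"])
    return {
        src: {"targets": len(dsts),
              "origin": "internal" if is_internal(src) else "external"}
        for src, dsts in targets.items() if len(dsts) >= min_targets
    }

# Constructed sample firewall log lines (not real traffic).
SAMPLE_LOG = [
    "t=01 SRC=203.0.113.7 DST=10.20.0.11 DPT=23 ACTION=DENY",
    "t=02 SRC=203.0.113.7 DST=10.20.0.12 DPT=23 ACTION=DENY",
    "t=03 SRC=203.0.113.7 DST=10.20.0.13 DPT=2323 ACTION=DENY",
    "t=04 SRC=203.0.113.7 DST=10.20.0.11 DPT=443 ACTION=ALLOW",
    "t=05 SRC=10.10.0.9 DST=10.20.0.11 DPT=23 ACTION=ALLOW",    # one admin session
    "t=06 SRC=10.30.0.5 DST=198.51.100.1 DPT=23 ACTION=ALLOW",  # device scanning out
    "t=07 SRC=10.30.0.5 DST=198.51.100.2 DPT=23 ACTION=ALLOW",
    "t=08 SRC=10.30.0.5 DST=198.51.100.3 DPT=23 ACTION=ALLOW",
    "t=09 SRC=bad-addr DST=10.20.0.11 DPT=23 ACTION=DENY",
]

if __name__ == "__main__":
    for src, info in find_telnet_sweepers(SAMPLE_LOG).items():
        print(src, info)
```

An internal source in the result deserves the faster response: it means a device inside the network is already initiating Telnet connections to many hosts.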

Recommendations for Securing IoT

  1. Don’t be afraid of the IoT, just make sure you consider the security implications.
  2. When IoT products are purchased, ensure they are isolated to only the part of the network to which they require access.
  3. Include IoT products within the scope of your annual pen-test.
  4. Change default passwords.
  5. Patch all devices, internally and externally facing.
  6. Gain visibility into your IoT environment by adding 24×7 monitoring to your security stack.

About Security On-Demand

Security On-Demand (SOD) provides full-spectrum threat management and advanced cyber threat detection services for hundreds of businesses and government agencies globally. SOD’s patented, behavioral-analytics ThreatWatch technology enables the detection of advanced threats to protect brand value and reduce the risk and mitigate the impact of a data breach. SOD is headquartered in San Diego, CA with international R&D offices and a Security Operation Center in Warsaw, Poland.