Networking technologies have made the world very small in the sense that they have allowed people who are thousands of miles apart to communicate in real-time. But network technologies and gadgets can be dangerous when it comes to cyber espionage. Hacked network equipment could cause losses in the tens and hundreds of US dollars. Botnets that affect poorly protected network devices are particularly dangerous. For example, the Mirai botnet, which initially spread by infecting routers, has damaged hundreds of millions of dollars to the global economy.
According to experts, the number of devices connected to the network will increase to 25 – 50 billion by 2020 and will reach 75 billion in 2025. All types of business use IoT very actively now, by 2022 the expenses in this sphere will reach $1 trillion. At the same time, in the pursuit of functionality, manufacturers and consumers forget about cybersecurity.
How real is the danger?
If someone had created an IoT security indicator, this device would have long been flashing red. A couple of years ago, Kaspersky Lab set up IoT traps (honeypots) that mimicked various gadgets running Linux. Just a few seconds after honeypot was activated, researchers began registering numerous attempts to connect to an open Telnet port. During the day, the number of unique requests reached tens of thousands.
How prevalent are these attacks? The risk is very real. CSO Online reports that 61% of all organizations have experienced an IoT security breach.
After analyzing the devices that were looking for open connections, it turned out that there are many industrial systems among them. In general, these devices should be well protected and be “behind the seven seals”. First of all, these were hacked systems for monitoring or controlling processes and equipment in different fields of industry and security. Here, experts found a wide spectrum of devices – from cash terminals in shops, restaurants and gas stations to digital television systems, environmental monitoring systems, security and access control systems, power management, and programmable controllers. We need to understand that these are just basic studies that reveal only the tip of the iceberg.
What is the cause of the problem?
In the world of corporations, everything is very complicated. Here are the reasons:
- Rapid penetration of IoT solutions and scaling of production infrastructure. Companies see technological innovations and seek to use them more quickly in the pursuit of business process optimization and production. Accordingly, different solutions are implemented without proper cybersecurity controls.
- Unreliable user authentication systems. Despite the fact that businesses, especially large businesses, use reliable authentication systems, IoT devices usually do not have such systems. Sensors added and switched on, and that is all. In such systems, often, default passwords are used. CNet has found that older devices are most susceptible to hackers, because they are harder to authenticate.
- The heterogeneity of IoT solutions. There are several thousand companies in the world that manufacture and supply IoT solutions. As a result, systems from different manufacturers could be installed at the same enterprise. These devices could have been checked for information security problems individually, but there was no comprehensive check of the finished infrastructure or even its parts.
- Super quick design-to-production process. To accelerate product launch, many companies do not create a device from scratch but use pre-made components, including a chip, camera, wireless communication modules, etc. Any of these elements can be hacked. In an ideal situation, the IoT system needs to be tested for several weeks before starting implementation.
So, what to do?
There are many suggestions, here are some of them:
- Certification of IoT systems
- Introduction of industry and national security standards (possibly international).
- When building a new IoT system for your company, it is necessary to carry out a full-fledged security audit by the specialists of the company’s IT department or with the help of outsourced security specialists.
- Use a multi-layer security software approach which includes antivirus, firewall, intrusion detection tools, virtual private network.
- Disable IoT debugging features.
- Implement physical protection of IoT devices.
- Abandon the practice of creating final systems from the “zoo” of completely different solutions. It is difficult to do it now because of the lack of standards, but over time the situation should improve.
- Implement reliable user authentication systems.
- Manufacturers should stop using obviously vulnerable technologies, protocols and software platforms.
- Use advanced hardware security gateways which include machine learning technologies to effectively protect against zero-day threats.
The situation is unlikely to change until major consumers of IoT solutions for business – ie, companies and corporations of different levels – want to change it. The market situation will change as soon as we impose higher security requirements for IoT devices.