The proliferation of the Internet of Things (IoT) devices in consumer, enterprise, and health care organizations, and their internal vulnerabilities has created a security blind spot for cybercriminals. They can launch a Zero-day attack to compromise devices like webcams, smart toys, routers, smart home, coffee machines, connected cars, and medical devices.
A survey “The Connected Enterprise: IoT Security Report 2020” from Palo Alto Networks highlighted a variety of cyberthreats due to the surge in IoT device deployment. The survey, based on the responses of 1,350 security leaders in 14 countries across Asia, Europe, the Middle East, Canada, and the U.S., revealed that the number of non-business devices connecting to corporate networks increased over the last year. The devices that regularly connect to corporate networks include smart teddy bears (34%), medical devices (44%), electric vehicles (27%), and connected kitchen appliances (43%).
IoT Risks: A Growing Concern
According to the survey, 57% of IoT devices are vulnerable to cyberattacks. Over 89% of security leaders reported seeing increased numbers of IoT devices on their networks last year, with more than 35% of them reported a significant increase. In addition, around 95% of security decision-makers stated that they have visibility of all the IoT devices on their organizations’ networks. However, 41% of respondents said they need to make improvements to the way they approach IoT security, and 17% said a complete revamp is needed.
One in five organizations in North America admitted that they have not segmented IoT devices onto separate networks, which is a basic security measure for building safe and smart networks. Only 20% reported following best practices of using micro-segmentation to contain IoT devices to their own controlled security zones.
How to Strengthen IoT Security
Palo Alto also recommended certain security steps for organizations in order to bolster their IoT security. These include:
- Employ device discovery for complete visibility. The first thing businesses need to do is get visibility into the exact number and types of devices on their networks, keeping a detailed, up-to-date inventory of all connected IoT assets, their risk profiles, and their trusted behaviors.
- Businesses should divide their networks into subsections to enable granular control over lateral movement of traffic between devices and workloads, reducing the attack surface. Virtual local area network (VLAN) configurations and next-generation firewall policies should be used to keep IoT assets and IT assets separate.
- Strong password security is fundamental to securing IoT devices. As soon as an IoT device is connected to the network, the IT team should change the weak default password with a secure one that aligns with the organization’s password policies.
- Most IoT devices are not designed to patch security flaws regularly, so it is critical that IT teams ensure devices are regularly patched for known vulnerabilities. To avoid data loss, add dedicated IoT aware file and web threat prevention as well as virtual patching capabilities via intrusion prevention.
- Traditional endpoint security solutions require software agents that IoT devices are not designed to take. Organizations should implement real-time monitoring to continuously analyze the behavior of all network-connected IoT endpoints by integrating existing security postures with their next-generation firewall.
Ivan Orsanic, Regional Vice President and Country Manager, Canada, at Palo Alto Networks, said, “The proliferation of IoT devices poses a major challenge for Canadian organizations. IoT devices, such as connected medical devices, lack basic security settings that make them vulnerable to being exploited. As employees continue to work remotely, it is imperative that IT teams introduce IoT security measures to shore up their defenses. It is striking that Canadian organizations say they can see the problem yet are struggling to solve it. Having visibility of IoT devices is great, but without proper network segmentation, cybercriminals could gain access into networks to do damage.”
