Network technologies have made the world very small, in the sense that they allowed people who are thousands of kilometers apart to communicate in real time. But network technologies and devices can also be dangerous when it comes to cyber espionage. Previously, we had already published articles stating that hacking network equipment could result in losses of tens or hundreds of US dollars. The main danger are botnets that infect poorly protected network devices.
Another issue is IoT in business and industry. According to experts, the number of devices of all types connected to the network will increase to 25-50 billion by 2020, and will reach 75 billion in 2025. Business is very active in using IoT, by 2022 the cost of this area will reach $ 1 trillion. But in the pursuit of functionality, manufacturers and consumers forget about cybersecurity.
How real is the danger?
If someone had created an IoT danger indicator, then this device would have long screamed like a siren and blinked red. A couple of years ago, Kaspersky Lab set up IoT traps (Honeypot) that simulated various gadgets running Linux. Just a few seconds after activating Honeypot, they began to register the first attempts to connect to an open Telnet port. During the day, the number of unique calls to “traps” reached several tens of thousands.
After analyzing the devices that were looking for open connections, it turned out that there were a lot of industrial systems among them, which, in fact, should be well protected and be “behind seven locks”. It is, first of all, about hacked monitoring systems or device management in the field of industry and security. Here, the whole spectrum – from the cash registers of shops, restaurants and gas stations to digital television broadcasting systems, environmental monitoring, security and access control, power management, as well as programmable controllers used in industry. There was even a monitoring system for a seismic station in Bangkok.
Experts at another company, Positive Technologies, found that smart power grids are extremely vulnerable to hacking.
It’s important to understand that these are superficial studies that open only the top of the iceberg. If they would dig deeper, other surprises would probably have been discovered too.
What is the reason of the problem?
In the corporate world, things are a little more complicated. The reasons are next:
- Rapid penetration of IoT solutions and scaling of production infrastructure. Companies see technological innovations and strive to use them faster for optimizing business processes and production. Accordingly, different solutions are implemented without proper control from the cybersecurity point of view;
- Unreliable user authentication systems. Despite the fact that the business, especially the large one, uses reliable authentication systems, IoT devices are usually not affected. They put the sensors, launched them – and okay. But the fact that in such systems, often the default password / login stays linked, is somehow forgotten.
- Difference of IoT solutions. In the world there are several thousand companies that manufacture and supply IoT solutions for business. As a result, systems of different manufacturers can be installed at the same enterprise, which could be tested separately for information security, but there was no comprehensive verification of the finished infrastructure or even its parts.
To speed up the launch of the product on the market, many companies do not create a device from scratch, but use ready-made components, including chip, camera, wireless communication modules, etc. Any of these elements may be subject of cracking. In an ideal situation, IoT systems need to be tested for several weeks before starting implementation.
So what to do?
There are many offers, but most of them can be reduced to this list:
- Certification of IoT systems, the introduction of industry and state safety standards (possibly international). As a starting point for the development of such standards, you can take industrial control systems;
- Before an implementing the system to production, conduct a full-fledged security audit by the specialists of the information security department of the company or by using outsourced specialized companies;
- Disable debugging mechanisms, implement physical device protection;
- Refuse to create systems from different solutions. Now it is difficult to do this due to the lack of certification, but the situation improves over time;
- Implementation of reliable user authentication systems;
- On the part of manufacturers, the rejection of knowingly vulnerable technologies, protocols, and software platforms;
- Use of integrated security software with anti-virus, firewall, intrusion detection tool.
- The use of modern hardware security gateways with all of the above plus machine learning technologies for effective protection against zero-day threats.
In general, the situation is unlikely to change until the main consumers of IoT solutions for business —companies and corporations of different levels — want to change it. As soon as increased demands will be placed to IoT devices, the market situation will change.
Perhaps you have examples of problematic situations with IoT in the company or your workplace? Share it with us in the comments below. And if you can, show us how you solved the problem.