In an attack directed at Dyn, a US internet infrastructure firm, a distributed denial-of-service (DDoS) assault deployed millions of IP addresses. As a result of this attack, leading websites, such as Airbnb, Amazon, Spotify, and Twitter, were inaccessible to users on the east coast of the United States and in parts of Europe. One source of the attack traffic was devices infected by the Mirai botnet, which targets vulnerable IoT devices that then bombard popular websites with traffic, keeping genuine users from accessing them.

Today, anything and everything that is connected to an IP address can be reached somehow and in some way. With the increasing reach of IoT, Gartner predicts 26 billion units by 2020. IoT devices have become attractive targets for cybercriminals, who are eager to exploit vulnerabilities as more and more devices come online. This danger makes protecting intellectual property (IP), customer data and operational infrastructures a top priority for enterprises. Here are some ways in which this impending problem can be addressed:
- Prevention is better than a cure
The best security practices need to be implemented in IoT products at the point in time when they are designed. These security features should be a mix of hardware and software elements that keep in mind the system view. Product managers and security specialists must plan the product roadmap and integrate security when designing the core features and functionality. A collaborative effort will ensure that the business and security concerns are well balanced and that any vulnerabilities are addressed early in the product lifecycle. However, designing a secure product from scratch can be time and cost intensive and may still be prone to security holes. Also, this approach may not work for older devices that are being retrofitted with smart technology. In such a scenario, it can sometimes be smarter to rely on pre-integrated solutions that expert teams have verified.
If the product is being built from the ground up, a complete security evaluation, with an external security code audit or white box testing, should be planned. Business leaders also need to identify where their organization’s vulnerabilities lie through an analysis of disruptive attack scenarios. They need to evaluate the financial and non-financial impact of an attack on the organization (e.g., protection against scalable attacks may be a priority because these can inexpensively be duplicated in other devices).
- Keep them apart
Maintaining a segmented network provides an added layer of security in the event that a breach does occur. Setting up a separate local network exclusively for IoT devices is advisable. Many Wi-Fi routers support additional or guest networks that have no access to shared files or other networked devices. The more you segment the networks, the harder it is for hackers to access information.
- Keeping track
The “bring your own device” (BYOD) trend may have eased the workday for employees or made education “smarter” for students, but it has also brought with it many risks. The threat is even greater with the integration of IoT because of multiple endpoints. Organizations should track everything connected to the network and keep a constant vigil on the flow of traffic. Each device that logs in needs to be assessed to determine the level of access it should have. Attackers look for insecure devices to gain a foothold in an organization and use the devices to steal data or for illicit surveillance. All devices need to be kept patched and up to date. Unknown devices should flag an immediate alert. Install firewalls wherever necessary, as they deny unauthorized traffic and prevent hackers, viruses, and worms from reaching connected devices over the Internet.
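The tracking and segmentation advice above can be combined into one check, shown here as an added example that is not part of the original article: it compares observed devices against an inventory, alerts on unknown ones, and flags known IoT devices seen outside their segment. The inventory, subnets and lease lines are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed inventory: MAC -> (device class, segment it is allowed on).
INVENTORY = {
    "aa:bb:cc:00:00:01": ("laptop", "corp"),
    "aa:bb:cc:00:00:02": ("ip-camera", "iot"),
    "aa:bb:cc:00:00:03": ("thermostat", "iot"),
}
# Constructed segment plan (private ranges chosen for illustration).
SEGMENTS = {
    "corp": ipaddress.ip_network("10.10.0.0/24"),
    "iot": ipaddress.ip_network("10.20.0.0/24"),
}
# Constructed observations, e.g. a DHCP lease export: "mac ip" per line.
SAMPLE_LEASES = """\
aa:bb:cc:00:00:01 10.10.0.15
AA-BB-CC-00-00-02 10.20.0.7
aa:bb:cc:00:00:03 10.10.0.44
de:ad:be:ef:00:99 10.10.0.80
"""

def normalize_mac(mac):
    """Lower-case and use ':' separators so lookups are format-independent."""
    return mac.strip().lower().replace("-", ":")

def segment_of(ip):
    """Return the name of the segment containing ip, or None if unplanned."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None

def audit(lease_text):
    """Return (finding, mac, ip, segment_seen_on) for every policy violation."""
    findings = []
    for line in lease_text.splitlines():
        if not line.strip():
            continue
        mac, ip = line.split()
        mac, seen_on = normalize_mac(mac), segment_of(ip)
        if mac not in INVENTORY:
            # Not in the inventory at all: immediate alert.
            findings.append(("UNKNOWN_DEVICE", mac, ip, seen_on))
        elif INVENTORY[mac][1] != seen_on:
            # Known device, but outside the segment assigned to its class.
            findings.append(("WRONG_SEGMENT", mac, ip, seen_on))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LEASES):
        print(*finding)
```
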
- WIPS and WIDS to the rescue
For quite some time now, enterprise wireless intrusion prevention systems (WIPS) have been helping organizations to detect and block wireless local area network (LAN) attacks. They mitigate the chances of unauthorized access to the organization’s wired networks, systems, and data, which, when compromised, could mean irreparable damage to both business and reputation. WIPS offer a wide variety of attack discovery capabilities, such as detecting rogue APs and connections, including unauthorized ad hoc networks and unauthorized client devices. Some of them also offer forensic data, which can help in reviewing an attack session in detail and analyzing what happened. WIPS’ automated blocking capabilities may not be appropriate for some organizations. They can then choose to leave their WIPS devices in an intrusion detection mode or opt for a wireless intrusion detection system (WIDS), which monitors and sends alerts.

We expect our connected devices to perform critical functions seamlessly, but that very connectedness can be a threat if abundant security measures are not put in place. IoT risk management means that businesses have no choice but to be vigilant, constantly assessing their risks and taking proactive steps to safeguard their systems.

http://www.gartner.com/newsroom/id/2636073