You think your company is safe? Check IoT devices

Security cameras, loudspeakers, switches and printers can also be targets for hackers. Meanwhile, as indicated in the study by Phosphorus, 50% of such devices have default passwords that are never changed. It is just like an invitation for cybercriminals to attack IoT devices and lay their hands on valuable data by getting access to key business resources.

Let’s begin by saying why devices in the IoT or IIoT (Industrial IoT) networks attract hackers’ attention at all. Several aims are involved. The first is to infiltrate a network (after taking over the control over a device within a company network, one can access the IT network) that is often well secured by available systems, which is why hackers cannot break through using more traditional methods.

The second is espionage and stealing company secrets: after infecting a camera or the elements of audio / video conferencing systems, one can listen in, record and forward data from meetings and strategic talks.

The third aim of attacking IoT is to sabotage a company’s operations and thus exert a negative influence on its performance or reputation. For instance, a cybercriminal who has control over thermostats in the cold store can increase the temperature in order to damage the products. This, of course, leads to additional costs, issues with customers or an image crisis.

Dangerous IoT

Why do cybercriminals take a shot at IoT elements? Because most of the time they are poorly secured. The study by Phosphorus, already mentioned above, says that not only 50% of IoT devices have default and weak passwords (e.g. “admin”), but also their control software is no longer supported by the producers in 26% of cases.

This is a serious problem. As indicated by Phosphorus, for one employee in every company there are 3–5 IoT devices. Many of them have no security features, some operate without the company being aware of them, while others use software that has not been updated for years.

So it is no wonder that IoT networks are fast becoming the favourite targets for cybercriminals. Nokia informs that the number of such incidents increased by 100% from 2019 to 2020. The report by Barracuda Networks indicates that cyberattacks on Industrial IoT devices are very common: as many as 94% of respondents say that there has been at least one IoT security incident in their company within the last 12 months.

IoT networks are constantly growing. We often call them xIoT, which means extended IoT, because they contain IoT devices, OT devices, and network devices. These include e.g. machine controllers, printers, VoIP phones, thermostats, and smart TV sets. Their overall number grows by 20% each year. That is why the security of xIoT is becoming extremely important, explains Krzysztof Andrian, CEO at Concept Data.

Find, fix, monitor

The good news is that producers of cybersecurity solutions have noticed this gap in corporate and industrial networks. They offer products and services which make xIoT devices secure, thus enhancing the protection of key business resources.

Phosphorus, an American company operating since 2016, provides a comprehensive solution for detecting xIoT devices, fixing errors and monitoring all modifications in the settings of these devices. Recently, we have added this technology to our portfolio. It can be integrated with CyberArk systems which we also offer. This integration makes it possible for us to give our customers a versatile and complete security solution. As a result, we can also respond to the needs of industrial and manufacturing businesses which are extending their use of xIoT solutions and the OT infrastructure, adds Krzysztof Andrian.

Phosphorus Enterprise xIoT Security Platform is a solution for the xIoT security management. It fully automates the elimination of severe vulnerabilities, including unknown xIoT devices, default passwords, outdated firmware and expired certificates.

It provides visibility of the entire network and its components. It identifies each device, listing its make, model, software version and the information about the manufacturer’s support. The platform detects, automatically removes and monitors vulnerabilities, preventing the misuse of xIoT devices for the purpose of attacking the network.

The Phosphorus Platform operates in three stages. First, it detects and identifies xIoT devices, assessing their security level. Second, it eliminates security gaps related to e.g. credentials, software, and certificates. Third, it monitors the xIoT network on an ongoing basis, detecting and eliminating threats. As such, it provides effective assistance in fighting cybercriminals, particularly in the industrial sector and within the area of critical infrastructure which makes use of xIoT resources more and more often, becoming increasingly exposed to cyberattacks, says Krzysztof Andrian.

More about the security of the xIoT environment:

A secure OT infrastructure. Is that possible?