Securing IoT Devices in a Business Network

By Apu Pavithran, Chief Executive Officer and Founder of Hexnode

It has been more than two decades since the term Internet of Things was first coined in 1999. Today, IoT is a paradigm that is converging into every aspect of our lives. Currently, there are more than 13 billion active IoT devices in the world. However, the rise in IoT devices also brings new consequences. Kaspersky has reported that the attack on IoT devices has doubled in the first six months of 2021 in contrast to the previous six months. Many of these devices are not equipped to run in an otherwise cyber-secure infrastructure. The result is that it makes such devices vulnerable to attacks; the security protocols on most IoT devices are so simple that a sixth-grader with a raspberry pi and laptop could hack them. Interestingly, dependable endpoint management and security solutions can prevent most of the attacks on IoT devices.  

How an IoT Device Compromises your Network  

While connectivity is the cardinal virtue of IoT, it is also its Achilles’ heel. When every device is connected to every other device, a threat to one of those devices will translate to a threat in the whole network. This scenario becomes even worse when considering the sheer number of IoT devices in a business network. Each device is an endpoint, and each provides an entry to bad actors.  

In a connected network, the “air-gaps” that once existed between operational technology and IoT are uniting, leaving OT and IT vulnerable to IoT threats. In October 2016, The Mirai Botnet attack introduced the world to the first “internet of things” attack. Even today, it still ranks as the most significant DDoS attack ever launched. Through these seemingly insignificant devices, Mirai was able to bring down vast sections of the internet, including CNN, Twitter, Netflix, and Reddit. The Mirai attack was not an isolated incident either. In 2019 another botnet attacked security firm Imperva, taking over 400,000 IoT devices for 13 days. Likewise, when Microsoft stopped supporting Windows 7, almost 200 million devices became out-of-date. Cybercriminals took this chance, and in January 2020, a new malware campaign was launched targeting IoT devices running Windows 7.

Securing your IoT Devices  

Unfortunately, even with the increasing threats on IoT due to their increased connectivity, cybersecurity is not a priority for IoT manufactures. Manufacturers are always responsible for the lack of security in their devices. Still, attacks such as Mirai were successful due to human errors – using weak or generic username and password combinations. This attack, and others like it, prove that the risks IoT brings are often due to a lack of proper management of devices. With proper care, businesses need not wait on the serendipity of device manufacturers to secure their network.  

The first step is always detection; as the adage goes, you can’t defend against something you can’t see. A modern network access control (NAC) solution continuously monitors and detects every device connected to your network, including headless IoT devices.

Once every device in your network is accounted for, you must enforce a firm password policy for your devices. Imagine when you have to spend millions of dollars for damage control after a cyber-attack because one of the devices in your network uses “12345” as its password. A Unified Endpoint Management (UEM) solution has a myriad of features to discover, restrict, monitor, and control IoT devices. A password policy for all your devices can be easily configured using a UEM. These policies will ensure the use of strong and complicated passwords and enforce you to change them periodically.  

Even though next-generation IoT devices are being designed to run third-party endpoint solutions, dispatching and updating them is a hassle due to a plethora of connected devices. Using a UEM can help solve this by enabling IT admins to roll out updates and patches quickly. In addition, the ability of a UEM to monitor every enrolled device can help manage these devices and any communications through them.  

Finally, next-generation endpoint security solutions using machine learning can monitor and track the behavior of your IoT devices. AI will be able to discover and report any irregularities in the usual pattern. This can help to determine whether your network security has been compromised.  

Bottom Line  

The growth and future of IoT are closely interlinked and empowered by the advancements in artificial intelligence, the onset of the super-fast 5G mobile networks, and the vast volumes of big data. It is estimated that the number of active IoT-capable devices will rise to more than 30 billion by 2025. However, the more mainstream IoT becomes, the bigger a target it will pose. As cybersecurity leaders, we know that security doesn’t end with the installation of a pre-packaged firewall. Security is a culture, and the business needs to be a part of that culture. Adding an IoT-capable device into your network and just leaving it there is equivalent to building a new doorway into your house and not adding a door. Our world is fast approaching a future where every device is connected and communicating with every other device, and IoT is at its forefront.

Apu Pavithran is the Chief Executive Officer and Founder of Hexnode, the Unified Endpoint Management Solution that helps customers manage and secure endpoints from a central console. He is responsible for visualizing, formulating, and implementing Hexnode’s vision to be at the forefront of technology. An entrepreneur to the core, Apu is a thought-leader and a strong advocate of governance and information security.

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.