The increasing risk that IoT devices bring to the cyber security landscape

Written by: Jordan Coogan
David Steele is Managing Director and Principal Security Consultant at SecuriCentrix.

More than budget approval

The Internet of Things (IoT) is a physical network of objects or ‘things’ equipped with sensors and software. These help to connect and exchange data with other devices and systems over the internet. Billions of devices all over the world now have internet connectivity. Low-cost computer chips and increased bandwidth for global telecommunications have facilitated this growth.
The world is seeing a global computer chip shortage. In addition, COVID-19 has had long-term effects on the supply chain. Despite these factors, the Internet of Things market continues to grow.
According to TechJury.net, around 46 billion devices are currently connected to the internet, and it is estimated that 31 billion more devices will be connected by the end of 2022. By 2030, this number is expected to reach 125 billion, with the average person owning 15 IoT devices. These IoT devices bring convenience and functionality, which take priority over security.
It is for this reason that many cybercriminals have specifically started to target IoT devices. According to Intersog.com, between January and June 2021 alone, there were more than 1.5 billion IoT-related data breaches. 58% of these cyber attacks have the intent of cryptocurrency mining. 

Security Risks

The growth of IoT devices should be seen in tandem with the now clear-as-day interest of cybercriminals to target such devices. This most definitely is a significant threat in the cyber security landscape. So, what are some of the leading security threats to IoT devices? 

Passwords and Authentication

Many device manufacturers hardcode default passwords onto devices. This simplifies first-time installation for end users. Usually, the end user forgets to change this password after setting the device up. Often, the user does not understand the risk of continuing to use default passwords.
We cannot expect manufacturers to establish strong passwords for every device. It is also almost impossible to guarantee that all end users change their passwords.
Default passwords can be straightforward for a cybercriminal to crack. In some cases, lists of default passwords used by certain companies or devices can be leaked onto the internet. This allows even the most basic cybercriminal to gain access to many vulnerable devices to steal data and sensitive information. 

SSH and Telnet for remote administration

Secure Shell (SSH) is a remote administration protocol. This protocol allows users to administer and configure their IoT devices remotely. This is used in combination with Telnet, the application layer protocol used in network file transfers. Cybercriminals can use Telnet or SSH with weak credentials. This way, they can exploit applications and tools to install malware on IoT devices.
The type of malware installed on the devices can vary. Typically, attackers will use malware that converts these IoT devices into bots to use as part of a botnet at a later point for a DDoS attack. Recent times have seen a surge in IoT devices being deployed for cryptocurrency mining.
One IoT device on its own may not be very profitable for an attacker. These devices are usually compromised in large quantities. This creates a network of devices under the attacker’s control. 
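
A defender-side check for the pattern described above, as an added example that is not part of the original article: it scans sshd authentication logs for a source that fails repeatedly and then logs in. The log lines are constructed samples in OpenSSH format, and the threshold of three failures is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH sshd log format (documentation IP ranges).
SAMPLE_LOG = """\
Mar  3 02:14:01 cam01 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Mar  3 02:14:03 cam01 sshd[811]: Failed password for root from 203.0.113.7 port 51236 ssh2
Mar  3 02:14:05 cam01 sshd[811]: Failed password for invalid user support from 203.0.113.7 port 51238 ssh2
Mar  3 02:14:08 cam01 sshd[811]: Accepted password for root from 203.0.113.7 port 51240 ssh2
Mar  3 09:30:12 cam01 sshd[902]: Failed password for operator from 198.51.100.20 port 40022 ssh2
Mar  3 09:30:20 cam01 sshd[902]: Accepted password for operator from 198.51.100.20 port 40030 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def review_ssh_log(text, fail_threshold=3):
    """Return {source_ip: finding} for sources whose logins look like guessing."""
    failures = defaultdict(int)
    findings = {}
    for line in text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip] += 1
            if failures[ip] >= fail_threshold:
                findings.setdefault(ip, "password guessing")
        elif failures[ip] >= fail_threshold:
            # A login right after repeated failures: treat the device as compromised.
            findings[ip] = f"successful login as {user} after {failures[ip]} failures"
    return findings

if __name__ == "__main__":
    for ip, finding in review_ssh_log(SAMPLE_LOG).items():
        print(ip, "->", finding)
```

A single mistyped password followed by a login, as in the second source, stays below the threshold and is not reported.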

Privacy Concerns and Data Leakage

Another major security concern related to IoT devices is privacy and data leakage. Many IoT devices are now used to track health-related data. Specific problems can arise from the generation of extensive personal data and from data breaches. Much of this data may not be necessary, and it can lead to misguided conclusions being drawn about the users.
Research has suggested that many consumers would be willing to no longer use smart technology to preserve their privacy.
IoT communication takes place not only between the end user and the device but also between devices. This is the biggest issue with IoT devices. Under these circumstances, control cannot be guaranteed, and neither can access authorization, privacy, and protection, which is a major concern.
It is not only the security within the IoT devices themselves that is important. Security when transmitting data from one device to another is also of great importance.

The hybrid work model

As a result of the COVID-19 pandemic, many organisations have moved to work entirely online. Government restrictions and guidelines are now being eased or removed in many countries. Many organisations that allowed employees to work from home have started to return to the office. Yet, that is not the case for all organisations.
Many companies have now moved to a hybrid model with employees working some days in the office and the remaining days working from home. This hybrid model may be advantageous and provide convenience to the employees. At the same time, it can also significantly increase the cyber security risk to organisations. This is because most home networks are vastly more insecure than an organisation’s office network.
These hybrid working models can be seen as more accessible back doors for attackers. This is because many homes contain insecure IoT devices such as smartwatches, smart speakers, and other devices. Once an attacker has infected any of these smart devices, they can begin lateral movement, infecting device after device. Unless the network has a high level of security implemented, this can go on until the entire network is infected.
Many attack tools, including their usage guides, are available on GitHub. With these resources, it does not take an exceptionally skilled attacker to exploit a typical home network. The hybrid working model exposes organisations to the risk of work devices being infected. If a work device is infected while an employee works from home, the entire organisation, including the office network, is at risk of being exposed.

How to protect your organisation?

As it is with much of cyber security, training and education for employees can decrease many initial security risks. People can be educated in various ways about protecting sensitive data. Enabling better passwords and changing default settings are just some of them.
Another important measure is ensuring that the latest security patches are installed on devices. These steps can help reduce some of the initial security risks. Although these simple steps may help, take note that attackers are becoming more advanced. Thus, security teams at organisations may need to put in place artificial intelligence (AI) security measures.
These machine learning and AI security tools can help increase the visibility of threats. They can also help organisations better understand how IoT devices interact with the network. Moreover, they can identify devices connected to the network. This helps determine “normal” behaviour and enforce policies on devices. These policies can disrupt an attacker’s efforts to use that device as an attack platform. Using AI solutions can also help to reduce the workload of security teams.
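
The idea of learning “normal” behaviour and enforcing policy on deviations, as an added example that is not part of the original article: a simple per-device allowlist stands in for the machine learning tools described. The device names, destinations, flow records and verdict wording are all constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records: (device, destination, destination port).
LEARNING_WINDOW = [
    ("thermostat", "api.vendor.example", 443),
    ("thermostat", "ntp.example", 123),
    ("camera", "cloud.vendor.example", 443),
    ("camera", "ntp.example", 123),
]
OBSERVED = [
    ("thermostat", "api.vendor.example", 443),   # matches the baseline
    ("camera", "192.0.2.55", 23),                # camera opening Telnet sessions
    ("camera", "pool.example", 3333),            # new destination and port
    ("smart-plug", "api.vendor.example", 443),   # device never seen before
]

def build_baseline(flows):
    """Map each device to the (destination, port) pairs seen while learning."""
    baseline = defaultdict(set)
    for device, dst, port in flows:
        baseline[device].add((dst, port))
    return dict(baseline)

def evaluate(flows, baseline, blocked_ports=frozenset({22, 23})):
    """Return (device, dst, port, verdict) for every flow outside the baseline."""
    results = []
    for device, dst, port in flows:
        if device not in baseline:
            verdict = "quarantine: unknown device"
        elif (dst, port) in baseline[device]:
            continue  # normal behaviour, nothing to report
        elif port in blocked_ports:
            verdict = "block: remote-admin port not in baseline"
        else:
            verdict = "alert: new destination"
        results.append((device, dst, port, verdict))
    return results

if __name__ == "__main__":
    for row in evaluate(OBSERVED, build_baseline(LEARNING_WINDOW)):
        print(row)
```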
