Five Examples of IIoT/IoT Security Threats

The trend of the Internet of Things (IoT), including the related Industrial Internet of Things (IIoT) and the Internet of Medical Things (IoMT), will continue to see explosive growth in 2020 and beyond. Yet for all their benefits, these devices continue to pose real security risks, especially since they can be easily compromised and can contribute to larger breaches, data exfiltration, and other issues. In this blog, we take a closer look at IoT security threats, including five ways hackers can compromise IoT devices  and use them to do harm within an organization.

Five Examples of IIoT/IoT Security Threats

The trend of the Internet of Things (IoT), including the related Industrial Internet of Things (IIoT) and the Internet of Medical Things (IoMT), will continue to see explosive growth in 2020 and beyond. For example Gartner forecasts that more than 20 billion IoT devices will be deployed by the end of 2020--a huge jump from the seven billion IoT devices that were in service just a few years ago.

Yet for all their benefits, all IoT, IIoT, and IoMT devices present very real--very significant--security risks for a number of reasons:

• Traditional security best practices are not adequate--or effective--when it comes to IoT security.
• In most  cases credentials are hard-coded into the device and may not be unique device to device, making it easy for hackers to exploit.
• IoT devices are usually completely closed or have limited memory or compute power, which makes it extremely difficult to install endpoint detection and response (EDR) software or other security tools on them.

A growing number of IoT devices can now “walk” on to your network and are virtually invisible to security teams. These include wearable devices, BYOD technology, and even internally embedded patient devices such as pacemakers or insulin pumps. As a result of these challenges, IoT devices significantly expand an organization's threat surface and existing perimeter defenses are ill equipped, and frankly not designed, to address. For example, once an IoT device becomes compromised and the hacker has access to move laterally across the internal network, existing IoT security solutions may not be able to stop it since they don’t have visibility into east-west network traffic.

-----------------------------------------------------------------------------------------------------------------------------------

Related resource: eBook: New Advances in IoT Cyber-Protection

Interested in learning more about IoT security challenges, and how an innovative new solution can help overcome them? Download our new eBook, “New Challenges Call for New Solutions: Advances in IoT Cyber Protection.”

----------------------------------------------------------------------------------------------------------------------------------- 

Five types of IoT attacks

All of this adds up to a surprising amount of risk. For example, here are five ways hackers can compromise IoT, IIoT and IoMT devices and harm your organization:

1. Access an IoT device anduse it as a proxy to move laterally throughout the network and connect to other critical devices. Yet most security tools simply can’t provide the real-time visibility into east-west network traffic, making these threats “invisible” for long periods of time. This factor alone plays a role in many of the biggest cyberattacks.
2. Use a compromised IoT device to attack other devices, systems, and applications. For example, in its 2017 Data Breach Digest report, Verizon provided the example of a major university that suffered a botnet attack that was the result of more than 5,000 connected devices, nearly all of which were on the university’s network. 
3. Attack systems on the network and cause the entire system to shut down. To cite another recent example, an HVAC controller was successfully compromised at an apartment complex in Finland, allowing hackers to shut down several different HVAC systems.
4. Disrupt the devices to cause more harm. In healthcare settings, it’s possible that IoMT devices such as pacemakers and insulin pumps can be reset by hackers within compromised hospital networks. This example is particularly scary since these compromised IoMT devices could affect patients’ safety and well-being.
5. Take over the IoT device. It’s possible that hackers can take over IoT devices and turn them against your company; for example, by using them to compromise other devices or exfiltrate data.

Industries at risk

While just about any company could face these IoT vulnerabilities, a few industries are especially susceptible. These include:

• Healthcare with patient care and wearable devices, third-party hardware and systems such as X-rays, CT scans, and PACs, legacy equipment, and even facilities systems such as HVAC or security.
• Utilities that rely on IIoT controllers, monitors, sensors, networked legacy tools, and other specialized technology.
• Industrial and manufacturing settings with building automation controls, process controls, ICS and SCADA systems, alarms, thermostats, cameras, badge access controls, and more.

How ARIA can help overcome IoT vulnerabilities

The ARIA Software-Defined Security (SDS) solution can overcome these IoT vulnerabilities by providing improved network visibility for any IoT devices as well as the containment of threats against those devices.

 It is different from other security tools because it is deployed transparently in the network, not on the IoT device itself. This permits ARIA SDS to monitor any IoT device on the network by watching the traffic as it flows to and from them. The monitoring is conducted at aggregation points in the network that are intentionally located one step back from the wireline network. This closes the notorious gap presented by highly fluid east-west traffic between a public or private cloud, on-premise data centers, hybrid environments, and even communications between virtual machines.

To learn more, download our new eBook, “New Challenges Call for New Solutions: Advances in IoT Cyber Protection.”

About ARIA Cybersecurity Solutions 

ARIA Cybersecurity Solutions recognizes that better, stronger, more effective cybersecurity starts with a smarter approach. Our solutions provide new ways to monitor all internal network traffic, while capturing and feeding the right data to existing security tools to improve threat detection and surgically disrupt intrusions. Customers in a range of industries rely on our solutions each and every day to accelerate incident response, automate breach detection, and protect their most critical assets and applications. With a proven track record supporting the Department of Defense and many intelligence agencies in their war on terror, and an award-winning portfolio of security solutions, ARIA Cybersecurity Solutions is committed to leading the way in cybersecurity success.