January 4, 2018

Why You May Need to Rethink Your IoT Security Plan


Traditional cybersecurity methods are playing catch-up with the technology of today. The warning signs were there years ago, and the Internet of Things (IoT) is following the same path. 4,000 IoT security attacks, or around 170 per hour, breach enterprises each day. 54% of those attacks are unsolved and typically stem from poor BYOD protocols. Despite that, companies are still slow to adopt mobile device and IoT security plans. So what's the big deal with IoT security?

The Internet of Things is a huge driver of innovation on corporate campuses, enabling organizations to become more agile and efficient. However, IoT is also inherently associated with security concerns. This presents real concerns for enterprises, as they must find the balance between innovating and maintaining network security.

21% of enterprises tie their data breaches to BYOD programs, and nearly a quarter of these breaches stem back to employee devices unknowingly syncing up with malicious Wi-Fi hotspots. With large numbers of employees and contractors visiting your buildings with one or two personal devices that were not issued by your organization.

While you could install a Mobile Device Management (MDM) solution, that won’t fully solve the problem. These solutions only work when the devices are present on the corporate campus. They don’t help you understand whether a device is being infiltrated anywhere else along the chain.

Let’s say John from Accounting takes a walk over to the local food court for lunch. Of course, he’s looking to connect to their free Wi-Fi and relax by playing a game on his phone. If someone were looking to infiltrate anyone connecting within the food court radius, this is all they would need to do: go into the food court with a laptop, set up a network with a similar SSID to the food court-sanctioned networks, and block those official networks. A very deliberate veil of confusion strikes the patrons, including our victim, John.

Instead of connecting to the FreeFoodCourt SSID, he connects to my network, FoodCourtFreeWifi. This has all the makings of a classic man-in-the-middle (MITM) attack. If it’s the next network on the list when the legitimate one drops off the radar, he’ll think, "No problem, I’ll just connect to the next one down." My network prompts him to re-authenticate his credentials, and he does. It looks real.

The attacker would then only need to launch a quick domain name search for all the nearby businesses because the target, John, is likely going to eat within a two-mile radius of his company. That's all it would take to grant them complete access to his credentials.
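A defender-side check for the look-alike SSID scenario above, as an added example that is not from the original post: it compares observed beacons against an inventory of sanctioned networks and flags near-matches and unknown access points. The BSSIDs, the 0.7 threshold and the function names are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher

# Constructed inventory: sanctioned SSID -> BSSIDs of its known access points.
SANCTIONED = {"FreeFoodCourt": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}}

def tokens(ssid):
    """Split an SSID into lowercase words on case changes, digits, separators."""
    return {w.lower() for w in re.findall(r"[A-Z]?[a-z]+|[A-Z]+(?![a-z])|\d+", ssid)}

def similarity(a, b):
    """Max of word overlap (catches reordered words) and character ratio (typos)."""
    ta, tb = tokens(a), tokens(b)
    jaccard = len(ta & tb) / len(ta | tb) if ta | tb else 0.0
    return max(jaccard, SequenceMatcher(None, a.lower(), b.lower()).ratio())

def classify(ssid, bssid, threshold=0.7):
    """Return (verdict, sanctioned SSID it relates to or None) for one beacon."""
    if ssid in SANCTIONED:
        # A BSSID can be spoofed, so "ok" only means nothing stands out here.
        known = bssid.lower() in SANCTIONED[ssid]
        return ("ok" if known else "unknown-ap", ssid)
    best = max(SANCTIONED, key=lambda s: similarity(ssid, s))
    if similarity(ssid, best) >= threshold:
        return ("lookalike", best)
    return ("unrelated", None)

def audit(scan):
    """Keep only the beacons that deserve an analyst's attention."""
    findings = []
    for ssid, bssid in scan:
        verdict, ref = classify(ssid, bssid)
        if verdict in ("lookalike", "unknown-ap"):
            findings.append((ssid, bssid, verdict, ref))
    return findings

# Constructed scan results (SSID, BSSID) as a wireless sensor might report them.
SCAN = [
    ("FreeFoodCourt", "aa:bb:cc:00:00:01"),
    ("FoodCourtFreeWifi", "de:ad:be:ef:00:01"),
    ("FreeFoodCourt", "de:ad:be:ef:00:02"),
    ("FreeFoodC0urt", "de:ad:be:ef:00:03"),
    ("CoffeeShopGuest", "11:22:33:44:55:66"),
]

if __name__ == "__main__":
    for finding in audit(SCAN):
        print(finding)
```

The word-overlap score is what catches FoodCourtFreeWifi, whose words are reordered rather than misspelled; the character ratio covers single-character substitutions.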

John isn’t alone. Bitglass found in their recent Datawatch report that one in five people connect to unsecured hotspots when readily available, putting anyone connected to their devices at risk. This is a type of threat surface companies aren’t prepared to tackle.

As IoT spreads, it perks up the ears of companies who need to take these threats seriously. We begin to see the holes in legacy security products and how these vectors are evolving. 

Traditional models aren’t working. To fight the landscape paved by IoT threats, companies need to monitor known and unknown devices. It’s already hard enough when companies recognize threats, but if vulnerable devices fly under the radar, the attackers have already won the battle.

We can’t fight what we can’t detect, making blind spots even more massive. Stop rogue devices early in the chain, and they’ll have no easy way to make it past the reception desk.


Topic(s): Security
