IoT Attacks: 6 Security Risks To Be Aware Of
IoT devices are everywhere, so IoT attacks are on the rise. The vulnerability of IoT comes from risks inherent both in the devices themselves and in the ways they interact with the rest of an organization’s systems — IoT devices are by nature designed to connect, so the risks associated with them are compounded across the entire network. As IoT devices become increasingly valuable and important parts of organizational and industrial infrastructure, securing those devices to protect against IoT attacks is a critical step for every security team.
Jump to a section…
Interested in detecting, preventing, and mitigating IoT attacks? Contact us to learn how Byos can help.
IoT Attacks: The Most Common Security Risks
During the first half of 2021, attacks on IoT devices grew by over 100 percent. While the previous six months had seen 649 million attacks on IoT devices, there were 1.5 billion IoT attacks during the period of January-May 2021. The uptick in attacks is connected to the sudden ubiquity of the tech category — from consumer wearables to industrial IT and across the work-from-home reality of post-COVID employment, the internet of things is everywhere.
When not properly secured, IoT devices can introduce a number of new and preventable attack vectors. Some of these risks are simple to see and understand, like unpatched operating systems or insecure passwords that are easy targets for brute force attacks. As organizations in virtually every industry increase their operational reliance on IoT devices, security teams must account for both simple and complex risk factors specific to the world of IoT. Here are six IoT attacks and security risks to be aware of:
IoT devices are particularly vulnerable to malware because they don’t have the same security mechanisms built into their operating systems as more advanced machines and computers. They are usually functionality-focused machines, and typically don’t offer the storage space or processing power that computers do, for example. With that in mind, attackers tend to see IoT devices as low-hanging fruit attack vectors that they can easily take advantage of.
Installing malware on one IoT device wouldn’t have much of an impact, but infecting multiple IoT devices allows attackers to form botnets — armies of compromised devices that carry out attacks on other systems within the network. With botnets doing their bidding, attackers can command their zombie devices to execute attacks like flooding the network with traffic or sending spam information, for example.
In 2017, the Mirai botnet devastated a number of websites with a widespread coordinated DDoS attack, opening the floodgates for many Mirai botnet variants. High profile botnets have also recently been used to direct computing resources toward mining cryptocurrency, like the Lemon Duck attack.Back to top
The fact that IoT devices rarely store valuable data locally doesn’t make them immune to ransomware attacks. Instead of ransoming information back to an organization, ransomware attacks on IoT devices typically block the device’s core functionality. That may mean shutting down an industrial device without which fundamental business operations wouldn’t be able to continue, or stopping a camera or microphone from recording the feed it’s trained on.
Security teams can sometimes reset the device or install a patch to get around the attack, so attackers typically shift their focus from targeting critical data to attacking critical devices. Bricking IoT devices that support an organization’s fundamental operations has a major impact, and requiring payment under pressure within an even shorter time frame (before resets can take effect) seals the deal.Back to top
IoT devices are connected to the internet by design, but that connection introduces an additional attack vector specifically because of the role IoT plays in organizations today. In industrial organizations, for example, the common practice of segmenting smart systems within their own separate networks only goes so far (because IoT devices are connected to the internet). As IoT devices have become popular in operational technology, the systems that were once consistently air gapped are now created specifically to be online, often through wireless networks. The fields of IT, IoT, and operational technology are converging, making all three categories more vulnerable through IoT attack vectors.Back to top
Because of the rapid proliferation of IoT device connections to the network, asset inventories often fail to keep up, hence the saying “you can’t protect what you can’t see.” Visibility into IoT devices enables security teams to conduct detailed monitoring of the traffic that moves through them so they can identify any abnormal patterns and identify threats and warning signs of attacks in progress.Back to top
#5: Unencrypted Data
The function-focused approach of IoT design means that most IoT devices don’t have the resources built in to support strong encryption. Although many IoT devices don’t store files locally, they do transmit important telemetry information (like video or audio data) back to organizations or into the cloud. Without robust encryption protocols in place, that traffic is particularly vulnerable to eavesdropping, espionage, and hijacking. Attackers might replace camera feeds or stop them from recording, or change important medical information or customer data, for example.Back to top
#6: Rogue Devices
Installing IoT devices also introduces the possibility of rogue devices — replacements to legitimate devices or physical additions to systems that are designed to go undetected while the attacker changes, erases, or steals information. Rogue devices enable attackers to create rogue access points, fracturing the network perimeter by creating a point of ingress and egress traffic that the attacker controls.
Addressing IoT security vulnerabilities and attacks must be a priority for modern organizations. Attacks will only increase in frequency and sophistication as the tech becomes a more integral piece of more organizations. Byos protects and secures IoT devices by introducing microsegmentation at the edge. With hardware-enforced isolation through the patented Byos µGateway, security teams can detect threats, contain attacks, and eliminate breaches when they occur. Ready to learn how to reduce your attack surface by protecting your organization’s endpoints from IoT devices to remote computers? Contact us to get started today.