The Internet of Things (IoT) is revolutionizing the way we share data and we achieve a great improvement in our banking services, purchases, transport, Health, security, etc., just to name some of the sectors that we will be able to find. The goal of IoT is admirable, but it is about hundreds of devices that are going to flood the market, with a lack of standards and a multitude of security deficiencies in its creation. In this situation, we are going to find a launching pad for cyberattacks against corporate clients, government and private company networks.
And this is not about something that we are going to find in the future.. Is happening right now. A few days ago there was an attack against many of the most famous websites like Twitter, Netflix and Amazon that were unable to provide service in many parts of the world for several hours due to a DDoS attack. According to the latest research, this attack could be carried out from hundreds of devices and machines connected via IoT.
Low security
To this day, many IoT sensor and device manufacturers have not provided adequate security for their devices. The market for consumer IoT devices like cameras, thermostats and other devices that are used both at home and in companies and that are connected to the Internet, they are very price sensitive and manufacturers are focused on minimizing the price in exchange for investing less in their safety. Many of the millions of devices connected to the Internet are potentially exploitable and this is especially problematic since these devices are highly susceptible to some types of cyber attacks such as ransomware.
But with the increasing adoption of IoT, things are destined to change. Some laws in countries such as the United States are beginning to regulate and sanction non-compliance with the minimum security measures in this type of device.. Despite this, these sanctions should not be taken as a safety plan. Hackers will always try to get around whatever kind of barrier manufacturers put on these devices. Thus, companies must have a defense that adapts, prevent and detect threats from IoT devices.
Some security and IT teams from large companies are starting to create and configure platforms that try to fool hackers by posing as IoT devices.. These scam platforms appear as production IoT servers and service gateways, fooling attackers into believing that they are the real devices they are looking to enter production networks.
How can we prevent ourselves?
To prevent a hacker from sneaking into our network from these devices, we must detect the attacker within our network as soon as possible. Scam platforms are designed to turn the entire network into a scam and provide real-time visibility of attackers and alert to network threats. But the ideal response should not only detect threats but also be able to identify different types of threats, classifying them by levels and providing a set of incident response strategies that include detailed information about the attacker to automatically quarantine and repair the systems that are being infected.
Hackers use the element of surprise to carry out their attacks, but when using these scam platforms, attackers are detected and security teams can quarantine and study them to prevent future attacks. The adaptive defense idea strategy to protect your critical assets in these cases may include the following:
- Build your security from scratch. Make decisions about how information will be collected, how long it will be kept and who can access it for security reasons. Review these decisions periodically as the network grows and progresses.
- The type of data collected should provide information on security decisions. Some specific devices may have security flaws, and IT should review the data in terms of whether the vulnerability of those computers affects the personal data of the users who use them or whether the actual location of the device can be identified.. They must ensure that manufacturers have taken additional security measures in the development of devices if they must collect sensitive data from users, as financial information, geolocation or information collected on risk groups such as children or the elderly.
- Think about how to handle that data. Policies should be developed that place limits on the collection and retention of user data. This should include, as an example, storing only truncated credit card information. IT teams should also minimize the amount of data collected to reduce potential risk..
- Protect data with additional security measures. Security measures must go beyond simply safeguarding the device, they must also include administrative measures, techniques and physics of the entire network.
- Check for complaints to the providers of these devices. When you are going to implement sensors or IoT devices, Your security team should verify and confirm that the products are protected and that there are no security claims.
- Implement policies to protect your network from third parties. Create documented processes for third parties to handle data, critical hardware or software on your network. This may include limiting the network and data they can access and you need providers to report any breaches they detect.
- Stay up-to-date on security trends. Try to prevent everything you can but you must also have visibility of the threats that exist and what it may be that your system has been overlooked or that they have not yet reached you. Make sure your systems can detect both known and unknown threats and send justified alerts and attack analysis to accelerate incident resolution, assisting in the recovery and prevention of ongoing attacks.
