IoT Devices Easily Hackable
IoT devices are a cinch to break into because they employ a wide variety of modules and common libraries that are usually open source. They also tend to use newer protocols like Universal Plug and Play (UPnP), which have more flaws than older, more established protocols.
Secondly, most IoT manufacturers do not design or build their devices with security in mind, and do not have the necessary response mechanisms when their devices are breached.
Large software vendors like Microsoft and Adobe, for example, have been traditional attack targets and therefore have built secure development lifecycles and frequent patch release cycles. If their software gets hit with a vulnerability, they have product security incident response teams (PSIRTs) to respond promptly to the issue.
In addition, these large software vendors have built many security controls into their products to make it harder for attacks to succeed. Adobe Reader, for instance, now includes a sandbox to provide a higher level of resistance to attack. IoT devices usually don't have the benefit of such rigorous controls. What's more, integration and complexity among IoT devices will grow over time, further increasing the number of security flaws. A majority of these will likely be traditional web-based flaws in the user interfaces that control the IoT device.
Fortinet's threat research arm FortiGuard Labs has already detected that hackers are probing non-traditional targets like IoT. Not many attacks have been launched yet, but an upward trajectory is undoubtedly expected in the months ahead. IoT device attacks represent a path of least resistance and are a prime opportunity for hackers, who know that without proper PSIRTs in place to manage patches and fix IoT security problems, their attacks can enjoy success for a longer period of time. Any device that is connected and has storage, memory and a processor is a perfect candidate for attack. Oftentimes, an IoT device will serve as an intermediate 'launch pad' for a secondary attack within the internal network.
The Buck Stops at the Network
With IoT's larger attack surface, endpoint security and management become much more fragmented. Most IoT devices wouldn't come with antivirus controls, but even if they did, the size and diversity of the IoT ecosystem would make the process impossibly complex to manage.
Network-based inspection, therefore, is the only way forward for IoT. Every network will need a security appliance that is intelligent enough to deeply inspect code written for these non-traditional platforms. We refer to this as platform agnostic inspection, and it is the best way to scale along with IoT.
For every data request, this appliance must be able to ascertain three pieces of critical information — who is the user, where is he going, and what data does he need. This means the network will need to incorporate traditional network protection technologies like firewall, intrusion prevention, Web filtering and antimalware solutions to enforce policies, control applications and prevent data loss. More importantly, that content needs to be inspected due to the growing attack surface. Threats can hide just about anywhere nowadays — it's easy to find them embedded within otherwise legitimate traffic streams.
Only with such intelligent solutions, well-crafted policies and vigilant IT security personnel can enterprises hope to win the tough battle for IoT security and keep their business on an even keel.