The IoT Security Challenge and How to Address It

The Internet of Things (IoT) is already transforming entire industries and bringing an array of benefits to organizations of all sizes. However, the devices that comprise the IoT have notoriously weak security, creating a massive attack surface to be exploited by malicious actors. Security has typically been an afterthought with the IoT, but organizations need procedures and controls in place to reduce the risk of a cyberattack.

An IoT device can be anything with a unique ID that is attached to the network, and the number of IoT devices has been growing on a very large scale. One research estimates that by 2025 there will be about 75 billion devices connected to the Internet.

The sheer size of the IoT makes security a big challenge. The traditional IT environment, including computers, networking devices and the like, typically includes, hundreds, maybe thousands of devices. Enterprise IoT initiatives can increase quickly in scale to include hundreds of thousands of devices. These devices generate huge volumes of data that is distributed across the environment from the edge to the cloud.

IoT devices are also much more diverse than traditional IT devices, and there are very few standards in place for managing and securing them. Security controls typically aren’t implemented on the IoT devices themselves because of limited battery life. Also, IoT devices don’t have a lot of computing power, so they can’t provide encryption and other security services.

In light of these challenges, organizations should adopt a layered approach to IoT security. As an initial step, organizations need to safeguard IoT devices from external attack. This requires a firewall with IoT-specific protocols and Layer 7 application signatures, such as the Juniper SRX next-generation firewall (NGFW). Additionally, network segmentation should be used to prevent the lateral proliferation of threats.

IoT devices should be monitored for anomalous behavior. Organizations should collect and analyze log files using a security information and event management (SIEM) solution.

Advanced threat prevention (ATP) is also essential. Because IoT devices lack security controls, hackers are able to find vulnerabilities and attack the devices with unknown malware — so-called zero-day attacks. The 2016 distributed denial of service (DDoS) attack on DNS provider Dyn is probably the most famous example. The attack leveraged a huge botnet of IP video cameras, residential routers and other consumer IoT devices that had been infected with the Mirai malware. The attack took down major websites, including Amazon, Netflix, Twitter and the New York Times.

There are many other forms of advanced malware that exploit IoT devices to form botnets, and signature-based malware detection is ineffective against these threats. The Juniper Sky Advanced Threat Protection solution combines cloud-based threat detection with the SRX NGFW to identify and block zero-day attacks. It also employs a sandbox where malware is detonated in a contained environment, and patented machine learning capabilities that analyze and adapt to the malware.

Many enterprises that implement IoT applications try to move security features toward the network edge. A better approach is to have end-to-end, pervasive security — after all, the network is only as strong as its weakest link. If someone can hack into an IoT device (as innocent as your “smart” coffee machine or Smart TV), odds are high that they can hack into the entire network. In addition, the data generated by the IoT is going to be omnipresent, so security will need to be everywhere.

Most important, IoT security should not be an afterthought. If you’re planning an IoT initiative, contact Rahi Systems for help in developing an IoT security strategy and implementing the right processes and tools.

chanigarwal

Chani is a network presales engineer for Rahi Systems. Before joining Rahi, she worked for Juniper Networks for three years as a systems engineer and proof of concept engineer. She has MS degree in EE with specialization in Network and Security and also holds multiple Juniper certifications, including JNCIA-Junos, JNCIA-Cloud, JNCDA , JNCIA- Security, JNCIS-Security, JNCIP-Security, and JNCIS-Service Provider. Prior to her tenure at Juniper, she worked as a business process analyst focused on audit and risk management for IT.

This author does not have any more posts.