Kaspersky’s early 2022 report found that some parts of the IoT infrastructure of 43% of enterprises still do not have any protections in place. Meanwhile, the main barrier to the implementation of IoT projects by many enterprises is the risk of cybersecurity breaches and data breaches.
According to IoT Analytics, the number of connected IoT devices globally is expected to grow by 9%, reaching 27 billion IoT connections by 2025. The significant increase of connected devices also increases the need for security.
Besides, Gartner also emphasized that, in the past 3 years, nearly 20% of organizations have observed cyberattacks on IoT devices in their network. While 2/3 of organizations (64%) globally use IoT solutions, 43% do not adequately protect them. This means that for some IoT projects – be it anything from EV charging stations to connected medical devices – businesses don’t use any protection tools.
According to Kaspersky, the reason may be that the variety of IoT devices and systems is not always compatible with security solutions. Nearly half of businesses fear that cybersecurity products could affect IoT performance (46%) or be too difficult to find the right solution (40%).
Other common problems that businesses face when implementing cybersecurity tools are high cost (40%), inability to account for the investment project to the board (36%), and lack of IoT security staff or experts (35%).
Additionally, more than half of organizations (57%) cite cybersecurity risk as the main barrier to IoT deployment. This can happen when companies try to address cyber risks at the design stage and then have to carefully weigh all the pros and cons before implementing.
Security threats from IoT systems
Today, the more connections are made, the more widely the data is shared, the more it becomes the target of cybercriminals. Therefore, in the context of ioT explosion, forecasting, preventing and overcoming network vulnerabilities is one of the top tasks of organizations and individuals. Through practical analysis, it can be pointed out some security threats from IoT systems as follows:
Security vulnerabilities in IoT
It is estimated that at least 6 million new IoT devices appear and participate in the system every day, which means that the number of security vulnerabilities is increasing in the IoT system. Typically at the DefCon World Hacker Conference, researchers found 47 security vulnerabilities in 23 IoT devices from 21 manufacturers. According to the OWASP open web security project, in 2019, the top 10 common security vulnerabilities on IoT devices include: 1) Weak, guessable passwords or default passwords; 2) Network services used to access insecure IoT devices; 3) Extended connections in the IoT ecosystem are not secure; 4) Lack of safe update mechanisms, or passive update mechanisms; 5) Use unsafe or outdated software components and libraries; 6) Inadequate privacy protection; 7) Insecure data transmission and storage; 8) Lack of management of IoT devices; 9) Unsafe default settings; 10) Poor physical security.
Possibility of widespread attack
IoT systems have always been the “promised land” for cybercriminals to attack, infiltrate and exploit due to the huge number of devices that will increase the probability, frequency and severity of attacks. In the event of a successful attack, the hacker will quickly take control of the entire network and cripple multiple IoT devices at the same time.
TrapX Security’s security research has shown how to hack an Internet-connected household heat controller – NEST (owned by Google). From there, exploit this security vulnerability to gain control of all connected devices in the house. According to a recent report by cybersecurity firm Darktrace, hackers hijacked a smart fish tank at a North American casino to take control of the casino’s server system and stole 10 GB of player data on servers in Poland.
The above examples are just a few of the many examples of IoT devices being one of the weak links causing the viral effect that leads to the entire network of an organization, business or individual being paralyzed. Through controlling IoT devices, hackers not only steal data but also cause many unfortunate consequences.
IoT – unlimited “data mines”
With tens of billions of devices in the system, IoT generates huge amounts of data from sensors attached to parts of machines, camera systems, smart cities, smart homes, smartphones … It can be affirmed that IoT is a “data mine” with no limits. According to forecasts by IDC (International Data Corporation), by 2025, IoT will generate about 79.4 Zettabytes of data. Not only that, this data mine also contains data information, user passwords. This data is used by companies and businesses in advertising, marketing and is also something for hackers to extort money, attack bank accounts or other types of accounts of users.
The risk of massive Distributed Denial of Service (DDoS) attacks
The new trend of DDoS is to take advantage of vulnerabilities from IoT devices to turn them into botnets (computer networks created from computers that hackers can control remotely). Symantec’s recent research has shown that IoT device attacks are on the rise. Cybercriminals have taken advantage of these vulnerabilities to hijack home networks and connected consumer devices, thereby carrying out DDoS attacks.
A good example of taking advantage of IoT devices to perform DDoS attacks is mirai malware. Cybercriminals took advantage of Mirai’s source code to infect IoT devices to create botnets after the malware’s huge role in creating a DDoS attack on cybersecurity reporter Brian Krebs’ website – this is a record denial of service attack with 620 Gbps of traffic from IoT devices Infected. The characteristic of this botnet is that it is not computer-based, but is built from Mirai-infected IoT devices such as cameras, digital cameras (DVRs), or CCTV… These devices are mostly infected by users using weakly secured names and passwords, or by default. Since Mirai’s source code was released, criminals have rapidly developed new variants of it, as noted by Level 3 Communications, a U.S. multinational telecommunications and Internet service provider, which identified 4 servers that ordered control in conjunction with Mirai activation during the month. The company also said that about half of the botnets are from the US and Brazil, 80% are from DVRs, many of the attacks are targeting game operators or private IP addresses. Some attacks recorded by Level 3 Communications reach more than 100 Gbps with a large number of botnets controlled, in some cases up to 100,000 botnets to attack.
According to Symantec, 2015 was a record year for IoT attacks, with multiple hijackings of home automation and home security devices. In particular, attackers often pay little attention to the victim, but mostly want to take control of the device to add it to the botnet, and then use it to perform DDoS attacks. Most malware targets IoT devices such as web servers, routers, modems, nas data storage devices, CCTV systems, and control systems. Poor security on many IoT devices has made them easy targets, and even when infected, the victim is unaware.
Some recommendations to ensure a secure IoT system
To help organizations fill in gaps in IoT security, it is necessary to assess the security status of the device before deploying. Priority should be given to devices with network security certificates and products of manufacturers that focus on information security. This will help minimize the spread of an attack and protect the most sensitive parts of the infrastructure.
In addition, organizations should adopt a vulnerability management program to regularly receive the most relevant data about vulnerabilities in programmable logic controllers (PLCs), devices, and firmware, and patch them or use any protection solution. Check out the “IoT Security Maturity Model” – an approach that helps companies evaluate all the steps and levels they need to overcome to achieve a full level of IoT protection.
In addition, the use of a dedicated IoT gateway that ensures the security and reliability of data transfer from edge computing to business applications such as Kaspersky IoT Secure Gateway 100 is also a necessity. It’s Cyber Immune, which means virtually no attack can affect the port’s functions.
VNCS Global is a distributor of Nozomi Network services – the perfect partner that opens up comprehensive monitoring capabilities on OT and IoT infrastructure to help businesses accelerate security and digital transformation.
Contact us for the best advice:
☎️Phone: (+84) 923618585
- Website of the Ministry of Information and Communications
- Vietnam Journal of Science and Technology