Why Ransomware poses a danger to the Internet of Things.
Christine Barry, Chief Blogger and Social Content Manager, Barracuda Networks.
The interconnectivity of the internet has given rise to a new world in which all manner of devices can communicate with one another. Known as the ‘Internet of Things’ (IoT), this vast web of connections extends beyond the ‘information superhighway’ and reaches into every area of our modern world. From the way that street lights and HVAC systems are controlled to the entertainment systems in our homes, from medical devices in hospitals and even in our bodies to public services, private cameras and our personal devices, they are all connected to the vast network known as the IoT.
It is a science fiction fan’s dream come true, and one that few writers could ever have imagined possible in such a short space of time. Advances over the next decade are predicted to bring yet more of our technology online. Yet the foundation of it all, cyberspace, still remains a perilous place for the unprotected. ‘Secure’ networks protected by vast sums of investment in IT security systems can still be penetrated, and data breaches in all sectors are still common and largely viewed as an inevitable eventuality. Ransomware poses a grave risk to the Internet of Things: it is the Black Widow in this great web.
The consequences of losing control of some of these services to a criminal who holds that control to ransom are a dark thought indeed. So, what protection can be afforded to defend against the ‘inevitable’?
Why is IoT security less robust?
Unlike traditional networks of servers, computers, mobiles and tablets, the IoT comprises many more disparate devices, all of which have their own security protocols and baselines. These additional management points can cause a similar headache for IT staff as BYOD, and they are largely uncontrolled in most organisations.
Even those organisations that have a proactive plan for managing these devices can often find it difficult to carry out, as a lot of ‘things’ simply do not have embedded security, or the security they do have was a last-minute ‘add-on’ rather than a part of the design. Passwords, for example, are hard-coded into devices, making them impossible to change. Moreover, patching and updating the various software for all of these devices is a complex and time-consuming task.
Overall, whilst the IoT is making life easier for users, this multi-layered network of vulnerable access points is causing significant challenges to IT security teams.
So, how can the IoT be adequately protected?
As with the management of any security, it is vital that the extent of any organisation’s use of IoT is well documented and that this documentation is routinely updated. There should be a robust procedure in place for how new devices are added to the network and a clear policy for how this is implemented. IT security should assess every device that is added to the network with a clear view of how its security can be enabled and enhanced. Where a device could present a significant vulnerability to the network, the policy must be able to provide adequate alternatives to allowing the device wholesale access to the rest of the network.
A baseline for security standards should be adopted and followed to the letter, ensuring that any passwords and logins are changed regularly. Unused ports should be disabled and any additional security features should be enabled. Some devices come with two-factor authentication, which may prove annoying for regular users wishing to access them but is a small price to pay for securing the rest of the network.
Furthermore, the IoT should come under the same routine maintenance and management as all other IT hardware and security protocols. The inventory should be kept up to date and routinely checked, with updates and patches being part of the planned maintenance works. Each device should be recorded as an IT asset and any custom changes should be recorded in the appropriate files.
As with any other device on the network, anything on the IoT should be contained within a perimeter firewall and guarded with the same security levels as afforded to any other access point on the network.
Lastly, where devices can be backed up, include them in a routine along with other devices that store data or configured settings.
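The checks described above (hard-coded passwords, password changes, unused ports, two-factor authentication, patching and backups) can be run against the device inventory. The following is an added example, not part of the original article; the record field names, the sample devices and the 90-day and 30-day thresholds are assumptions chosen for illustration.

```python
from datetime import date

# Assumed thresholds: the article says "regularly" and "routinely" without figures.
MAX_PASSWORD_AGE_DAYS = 90
MAX_PATCH_AGE_DAYS = 30

def audit_device(dev, today):
    """Return baseline findings for one inventory record (a dict)."""
    findings = []
    if dev["hardcoded_password"]:
        # The credential cannot be rotated, so the remaining control is isolation.
        if not dev["isolated_segment"]:
            findings.append("hard-coded password without network isolation")
    elif (today - dev["password_changed"]).days > MAX_PASSWORD_AGE_DAYS:
        findings.append("password change overdue")
    unused = sorted(set(dev["open_ports"]) - set(dev["required_ports"]))
    if unused:
        findings.append("unused ports open: " + ",".join(map(str, unused)))
    if dev["supports_2fa"] and not dev["twofa_enabled"]:
        findings.append("two-factor authentication not enabled")
    if (today - dev["last_patched"]).days > MAX_PATCH_AGE_DAYS:
        findings.append("patching overdue")
    if dev["supports_backup"] and not dev["in_backup_routine"]:
        findings.append("missing from backup routine")
    return findings

def audit_inventory(inventory, today):
    """Map asset id -> findings, listing only devices that fail the baseline."""
    report = {}
    for dev in inventory:
        findings = audit_device(dev, today)
        if findings:
            report[dev["asset_id"]] = findings
    return report

# Constructed sample inventory (hypothetical devices, not real assets).
COMPLIANT = dict(asset_id="hvac-01", hardcoded_password=False, isolated_segment=False,
                 password_changed=date(2024, 5, 1), open_ports=[443], required_ports=[443],
                 supports_2fa=True, twofa_enabled=True, last_patched=date(2024, 5, 20),
                 supports_backup=True, in_backup_routine=True)
CAMERA = dict(COMPLIANT, asset_id="cam-07", hardcoded_password=True,
              open_ports=[23, 80, 554], required_ports=[554], supports_2fa=False,
              twofa_enabled=False, last_patched=date(2023, 11, 2))
INVENTORY = [COMPLIANT, CAMERA]

if __name__ == "__main__":
    for asset, findings in audit_inventory(INVENTORY, date(2024, 6, 1)).items():
        print(asset, "->", "; ".join(findings))
```

A device with a hard-coded password is not flagged for password age, since it cannot be changed; it is flagged only when it has not been kept apart from the rest of the network.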