SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
COVID-19: How analysis of IoT devices highlights our changing behaviour
Thu, 7th May 2020
FYI, this story is more than a year old

The behaviour of consumers and enterprises alike has changed drastically and in many ways in the wake of the COVID-19 pandemic – and through analysis of connected devices, including Internet of Things (IoT) devices, rich insight can be gleaned into changing the way we interact with our devices.

ExtraHop has today issued a report detailing such changes, with warnings that connected devices, both those used by employees at home and those left idle but connected to the office network, can pose serious security risks to enterprises.

Using aggregate data from across its global user base, ExtraHop analysed business-related device activity during a one week period at the end of March 2020, which was compared to activity from a similar study of the same global user base conducted in November last year.

The results reveal not only patterns that illuminate the state of work during the COVID-19 crisis, but also the long-term security implications of a distributed workforce.

Key findings

Unsurprisingly, there was a 65% decline in the number of laptops and a nearly 70% decline in the number of smartphones connecting directly to corporate networks in March 2020.

However, employees are still accessing corporate resources, often relying on questionably secure local networks that lack the safeguards of the office network and thus are more exposed to malware.

The report also revealed that the number of connected IP phones declined by just 7.5%, indicating that many of these devices remain on and connected even when no one is using them.

Almost 25% of those VoIP devices are Cisco IP phones, for which a critical vulnerability (CVE-2020-3161) was announced in April.

Printers – at high risk for vulnerabilities and one of the most common targets of hackers – showed even smaller declines in connectivity, dropping by just 0.53%.

Organisations seem to be taking more precautions than before against physical intrusion, with the report revealing connections from security cameras increased by 47% in March.

Security cameras, like IP phones and printers, often have vulnerabilities and have been observed phoning data home.

“The almost overnight shift to remote work required a massive effort just to ensure the availability of applications and critical resources for employees outside the office,” says ExtraHop vice president, cloud and security solutions Sri Sundaralingam.

“For many organisations, the management of IoT and other connected devices may have been an afterthought, or at least something they didn't anticipate having to handle long term.

“As availability and security issues surrounding remote access become more settled, this needs to be an area of focus.