SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
What’s the story around cyber attackers and IoT devices?
Wed, 9th Nov 2022

Multi-layered IoT networks and remote working practices have ripped holes in cybersecurity preparedness. Mark Baker, Check Point’s Country Manager in New Zealand, says we need to respond now. 

IDC forecasts that ANZ spending on the Internet of Things (IoT) will reach $24 billion in 2026, a compound annual growth rate of 10% for 2021-26. This year alone, our regional market is expected to exceed the $16 billion mark, 13% more than before.

Kiwi companies of all sizes have relied on IoT devices to improve productivity and connectivity within their business. Look around, and you will certainly notice some around you right now. From online security cameras to connected printers, from smart watches to smart lights, IoT devices have become tools in our daily routine, helping increase day-to-day convenience and pandemic-driven remote working capabilities. Their role is growing as organisations embrace digital initiatives and look to embed intelligence across processes and applications.

One would say this is a tried and tested technology. Yet, according to Gartner, more than 25% of all cyberattacks against businesses will involve IoT. Many manufacturers and software providers are not prioritising implementing security requirements within their products.

The world of data security is perceived as complex and complicated, and suppliers prefer to focus on improving and expanding the functional capabilities of their products rather than bothering to add cyber protection. Sometimes, we find products that lack basic security capabilities, such as user/password management and encrypted communication – not to mention penetration testing and vulnerability management.  

Ultimately, it will come down to companies including IoT in their cybersecurity strategies. From large organisations to SMEs, we discuss the key holes in cybersecurity preparedness that need to be addressed urgently. 

Understanding the data risk

First, let us understand what information these attackers can obtain through IoT devices. Attackers often target the path of least resistance. Each known vulnerability (CVE) becomes a potential weapon for cyber attackers to penetrate an organisation. According to the Internet of Things Report 2018 by Business Insider Intelligence, IoT devices are expected to reach 55 billion units by 2025. The need for a comprehensive security solution has never been stronger. 

A Check Point survey of over 400 IT security professionals globally revealed only 11% of SMEs had fully implemented an IoT security solution. Furthermore, a staggering 52% did not have any specific security deployed at all, leading to 67% of enterprises experiencing IoT-related incidents.

Cybercriminals will target devices that will lead to the maximum amount of information. Security cameras, for instance, are a common doorway for threats as their recording systems offer text decoding and facial recognition capabilities. Additionally, the sensitive data that passes through these devices can expose operators to various privacy-related issues and raise serious concerns regarding the ability of foreign entities to watch or listen to sensitive information.

Why is it so difficult to secure IoT networks?

By and large, IoT devices cannot be centrally managed, patched, updated, or secured. They are simple and functional, making them vulnerable to cybercriminals’ exploitation.

Another common problem is that organisations usually have devices from multiple vendors, with many shadow devices that are unmanaged and connected without authorisation. Layers upon layers of disparate IoT networks mean that businesses have limited visibility and control of devices and their associated risks, creating an environment that is extremely vulnerable to attacks.

In a landscape that is both overwhelming and rapidly moving, where do businesses begin? My best advice is to assume everything is a target and try to secure it all. Check Point would suggest taking a three-pillar approach. 

  1. IoT discovery and risk analysis: identify and classify all IoT devices on any network through integrations with the leading discovery engines. This step exposes risks such as weak passwords, outdated firmware and known vulnerabilities. All devices need to be identified in detail and given a risk score. 
  2. Zero-trust segmentation: create strict rules that will give you total confidence. This is called the ‘zero-trust’ approach. We focus on developing and applying policies across the entire IoT network based on details collected through the map. Give IT teams full visibility and capacity to manage the policies and make sure teams are accountable for following them.
  3. IoT threat prevention: create a plan to prevent and mitigate risks. Consider factors such as being able to ‘virtually patch’ IoT devices to fix security flaws, even those with unpatchable firmware or legacy operating systems. In addition, build zero-day prevention that covers common threats such as unauthorised access attempts, and monitor traffic to and from devices and servers.
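
The three pillars above can be sketched in a few lines. This is an added example, not code from the article or from Check Point: it scores a constructed device inventory on the risks the discovery step exposes, applies a default-deny flow policy, and lists the observed flows that policy would block. The field names, score weights and the risk threshold of 60 are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Device:  # field names are assumptions, not a vendor schema
    name: str
    default_password: bool
    firmware_age_days: int
    known_cves: int
    managed: bool = True  # False = shadow device connected without authorisation
    allowed_flows: set = field(default_factory=set)  # explicit (dst, port) pairs

def risk_score(d: Device) -> int:
    """Pillar 1: 0-100 score from weak passwords, outdated firmware, known CVEs."""
    score = 35 if d.default_password else 0
    score += 25 if d.firmware_age_days > 365 else 0
    score += min(10 * d.known_cves, 30)
    score += 10 if not d.managed else 0
    return score

def flow_allowed(d: Device, dst: str, port: int, max_risk: int = 60) -> bool:
    """Pillar 2: default deny; unmanaged or high-risk devices get no flows at all."""
    if not d.managed or risk_score(d) > max_risk:
        return False
    return (dst, port) in d.allowed_flows

def blocked_attempts(devices, observed):
    """Pillar 3: observed flows the policy denies, including unknown sources."""
    by_name = {d.name: d for d in devices}
    return [f for f in observed
            if f[0] not in by_name or not flow_allowed(by_name[f[0]], f[1], f[2])]

# Constructed sample data (hostnames and addresses are placeholders).
INVENTORY = [
    Device("cam-lobby", True, 900, 2, True, {("nvr.internal", 554)}),
    Device("printer-2f", False, 120, 0, True, {("print.internal", 631)}),
    Device("smart-light-7", False, 400, 0, False),
]
OBSERVED = [
    ("cam-lobby", "nvr.internal", 554),       # allowed flow, but device is high risk
    ("printer-2f", "print.internal", 631),    # allowed
    ("printer-2f", "203.0.113.10", 23),       # not on the allowlist
    ("smart-light-7", "hub.internal", 1883),  # shadow device
    ("unknown-mac", "nvr.internal", 554),     # source not in the inventory
]

if __name__ == "__main__":
    for d in INVENTORY:
        print(f"{d.name}: risk {risk_score(d)}")
    print("blocked:", blocked_attempts(INVENTORY, OBSERVED))
```

Note that the camera is cut off even from its approved recorder until its score drops, which is the point of tying segmentation to the discovery data rather than to a static allowlist.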

Multi-layer approach

Many companies attempt to build their security using a patchwork of single-purpose products from multiple vendors but often fail and are left with security gaps caused by disjointed technologies. This approach also produces a huge overhead because it relies on working with various systems and vendors instead of one integrated solution.

Companies should adopt a unified multi-layer approach that protects all IT elements, including networks, endpoints, cloud, mobile and IoT, all sharing the same prevention architecture and being fed the same threat intelligence data in real time.

Organisations should seek a single solution that can cover all attack surfaces and vectors to achieve effective coverage. In a multi-hybrid environment, where the perimeter is now ‘everywhere’, security should be able to protect it all. Our Check Point Quantum IoT Protect is able to identify any IoT device on the network and assess its risk, preventing unauthorised access to and from IoT devices with zero-trust segmentation. Quantum IoT Protect is able to block malicious intent against IoT devices thanks to industry-leading threat prevention security services, aided by 300+ IPS signatures, providing on-device run-time protection.

As technology and cybersecurity experts, we have a significant role to play in giving businesses complete peace of mind and direction on building a fortified, preventative approach. With attacks on the rise, it’s time to have conversations about finding the right multi-layered security approach to secure their IT and infrastructure.