The Internet of Things(IoT) is growing rapidly. You may not think about it, but devices like thermostats, NAS devices, TVs, kitchen appliances and home automation system pass data back and forth the internet all the time. All of these gadgets are called as the “Internet of Things”.
In 2016, there were around 6,5 billion devices connected to the internet. It is expected to grow up to 50 billion devices in 2020.In 2016 the first large-scale IoT related DDoS attack waved the red flag. It disrupted the internet on the USA East Coast. It was possible because of the lack of security with connected devices. A botnet infected thousands of connected devices and used those devices to launch a DDoS attack that brought down the internet for millions of people.
2017 will probably see many more of such IoT related attaches as IoT continuously grows. IoT devices are vulnerable because of the lack of security. Many manufacturers who make smart cars, smart dolls or whatever smart connected device you can think of, do not take data security seriously at all. Therefore, the hackers will be able to hijack your kid’s toys to spy on your kids or use them in a botnet to bring down the internet for millions of people. Anything connected to the internet is at a risk of being hacked. It only needs one internet connection to infect a network with a virus to bring down the internet.
With the recent takedown of DYN and Brian Krebs’ website, hackers have found a way to use your own device to bring down the internet to its knees.
Let’s look at what can be done on the network infrastructure side to ensure that IoT is productive without endangering security.
The recent development of Software-defined networking (SDN) and especially the software-defined LAN (SD-LAN) is changing this situation and just in time for the rise of IoT.
7 Steps to handle IoT devices in your network,
The first step in any change is the decision. When you decide to secure your network against the vulnerabilities of all those IoT devices, you understand that there is a cost for resources and time. So, you need to build a plan.
The first step in building a plan is the assessment. Start by understanding what is actually there in the network. For this, you have to continuously monitor the devices joining the network.
Segment those IoT devices in their own small networks called VLANs. Put next-gen firewalls between those small segments. If one IoT device gets hacked, only that segment is affected and not your whole network. Make sure your “gems” are not in the same segment.
Once you are done with the segmentation, you would need to deploy automatic and manual on-boarding process for new devices. It includes automatic segmentation by device type/vendor. Also, consider accountability of each device in your network. If a guest visits your office there should be a way to identify or control the accessibility of the guest’s devices.
Hackers will search for more and more vulnerabilities in your network and the devices. They will start scanning your network, looking for the next vulnerability to exploit. This is the best time to catch them. For that, you need an anomaly detection technology that can analyze the network traffic and alert you.
The alerts you get should be converted into an automatic action of blocking, limiting access or quarantine of suspected devices.
How to protect your IoT devices:
- Never connect your appliances to the internet without connecting to a firewall.
- Regularly check for Firmware and Security updates.
- Consider rolling your own VPN for remote access.
- Secure your home/office network.
- Educate yourself.
How to protect your business against hackers in an IoT world:
- Have a written and enforced BYOD policy.
- Require employees to use strong, unique passwords for all password protected IoT devices.
- Monitor employee connected device usage.
- Use multi-factor authentication when possible.
- Use privileged access control appropriately.
- It’s a must to consider due diligence for any third-party IoT provider.
- Use an enterprise password manager.