IoT Attack Vector

Think back 10 years to when the iPhone was first released: a revolution occurred in mobile computing technology that started an entirely new industry based on Mobile Device Management (MDM). Before then, splinter technologies like SCADA required management, and ultimately vulnerability assessments and remediation due to threats like Stuxnet. Now, fast forward seven years from the introduction of the iPhone and we encounter a push to the cloud. Entirely new technologies and companies have appeared to manage the operations of cloud resources and manage the risks based on the unique traits the cloud possesses.

We have seen a basic evolution of information technology expand from servers, workstations, infrastructure, applications, SCADA, mobile, and cloud to IoT (Internet of Things). IoT is in fact another TCP/IP-based (or Bluetooth-based) resource that has expanded the risk surface of connected technology and now must fall under management as well.

IoT devices are not new. We have had IP-enabled cameras, alarm systems and door locks for years. They have always had risks and vulnerabilities. However, with the recent introduction of verbal digital assistants, thermostats, lighting systems, etc. that are all TCP/IP-enabled, we have grouped them into a definition so we can manage them, just like we did for BYOD (Bring Your Own Device). In fact, if businesses allow users to connect IoT devices to wired or wireless networks, this simply extends the BYOD concept to include purpose-built devices that users can bring into work. Unfortunately, MDM solutions have not caught up to this premise, and the risks of these devices are quite significant if they are left unmanaged on the business network.

Managing the IoT Problem – It Starts with Discovery

In order to manage any new problem, the first step is to identify all of the moving parts that contribute to the risk. This includes establishing acceptable use policies, defining security standards, and identifying any shadow IT that may already exist in the form of IoT devices present on the corporate network. To manage the latter, BeyondTrust has introduced the free Retina IoT (RIoT) scanner. The tool is designed to expand on the asset discovery and vulnerability identification premises we already know for operating systems, applications, SCADA, cloud, and now IoT. The new capabilities can work across wired and wireless networks to find and identify IoT assets by manufacturer and model, and document any known vulnerabilities like default passwords (responsible for the Mirai botnet) and missing security patches. This new tool (audit capabilities) is baked directly into our commercial products for licensed customers but is also available for free to any business looking to wrestle with this upcoming problem.

IoT devices are simply another kind of network device connected to our home or business networks. Their primary difference is that they are single-purpose, generally do not contain features for security best practices like least privilege or role-based access, and can be notoriously difficult to patch or even monitor. They have basically unlearned all of the security best practices we take for granted today and are more akin to a brain-dead SCADA thermocouple or PLC.

While the convenience of these devices currently outweighs the security risks, government, companies and consumers are taking note of their risks and potential long-term threats. If you have begun to embrace this technology, consider looking at the Retina IoT scanner. Understanding that this is another chapter in IP-enabled technology is important, especially since this chapter has forgotten the lessons learned from the past.
BeyondTrust can help rein in this new technology and help you manage the risks. Contact us today.