9 February, 2018
IoT security – Protecting your IoT network
IoT security - Protecting your IoT network
More and more companies are beginning to realise the many benefits of IoT and M2M technology, including optimisation of processes to reduce costs, the ability to remotely connect to systems in inaccessible locations and the gathering of increasing amounts of data to ensure choices are well informed. Unfortunately, the more these IoT devices are brought online, the more hackers and criminals are interested in using them for their own illegal activities.
For example, hackers were able to use IoT devices as part of a botnet to perform Denial of Service (DDOS) attacks on Domain Name Service (DNS) provider Dyn in October 2016. By compromising these vulnerable IoT devices, the hackers were able to prevent or limit access to a significant number of sites, negatively affecting a number of Dyn's customers. Dyn highlights in their blog:
This attack has opened up an important conversation about internet security and volatility. Not only has it highlighted vulnerabilities in the security of “Internet of Things” (IoT) devices that need to be addressed, but it has also sparked further dialogue in the internet infrastructure community about the future of the internet.
With this in mind, you are no doubt wondering what are some of the security concerns you should have around IoT and M2M devices. Here’s a look at some of the most important IoT security concerns to be aware of.
How IoT devices are vulnerable
Many IoT devices are vulnerable to attack. Cars, video cameras, medical devices and even power grids are just some of the IoT devices that may have vulnerabilities that hackers can exploit. In their essay Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks, Abomhara and Køien highlight a number of security issues with IoT devices and services. The problems that Abomhara and Køien discuss include:
- Device access control - Due to the lack of access control on many IoT devices, even unauthorised users are able to connect to these devices via the internet.
Physical access - Unauthorised personnel may be able to gain physical access to the IoT device due to its location.
- Data confidentiality - Sensitive information is transmitted via the internet, which means that even with security in place, there is the risk of data being compromised.
Hardware vulnerabilities - Abomhara and Køien discuss how identifying hardware vulnerabilities is difficult in the first place. Even if you've identified the issue, fixing them can also be very difficult due to hardware compatibility and interoperability.
- Software vulnerabilities - Problems can exist in device drivers, protocols, applications and operating systems due to programming errors or how different programs interact with each other.
How to protect your IoT network
When implementing your IoT network, you need to ensure that you take steps to prevent these kinds of risks. The steps you can take include:
Change default usernames and passwords - Many people are guilty of making this mistake. Ensure you change all default access settings to prevent an attacker from accessing the device using the default security information.
- Apply firmware and software updates regularly - Again, another common mistake that most people are guilty of. Even the best developers cannot spot every issue or vulnerability in their software on release, which is why it’s important to check for firmware and software updates regularly. Even tiny loopholes in a system can make you vulnerable to a massive attack, so ensure you are up to date. A centralised control center, such as the POST Cisco JASPER Control Center, helps you manage updates from a single location, drastically reducing the complexity and time it would take to apply updates manually.
- Limit the connections - Does your device really need multiple connections to the internet? Or can you limit the way it connects and still have it perform its function? By reducing the number of ports through which a device can be accessed, it’s much easier to ensure it’s secure. Also think about whether the device needs to be online all the time, or if it only needs limited internet access to perform its function.
- Secure the physical IoT device - Ideally, you want to limit the physical access people have to the device, but if that’s not possible, you need to ensure that your device has an appropriate way to detect and respond to unauthorised physical access.
- Intrusion detection - Your device needs to be able to report back on any unauthorised attempts to access it via the internet. This will allow you to block future attempts by an unauthorised connection, or if a device is compromised, isolate it from the rest of your network.
- Encrypt your data - The data on your device, as well as data that is transmitted via the internet, should be encrypted to prevent hackers from pulling unencrypted data directly from the device or through man-in-the-middle attacks. If you are worried about the impact this will have on device performance, there are a number of lightweight cryptography standards that fall under ISO/IEC 29192 that you can use, as discussed by Katagi and Moriai in their report Lightweight Cryptography for the Internet of Things.
How TERALINK Solutions can help you secure your IoT network
When tackling cyber security, TERALINK Solutions takes a multi-layer approach to protecting your network and data. TERALINK Solutions ensures there are security measures at each of the following layers of your network: perimeter layer, network layer, core server layer, endpoint layer, user layer and data layer. These security measures include firewalls, DDoS mitigation, server hardening, OS hardening, single sign-on and data encryption.
TERALINK Solutions also provides around-the-clock monitoring, every day of the year to ensure that your critical assets are protected. This monitoring process focuses on three areas: data, system and users. By focusing on these three areas, TERALINK Solutions is able to assess your system for all known vulnerabilities so that access is controlled and your data is protected.
Our IoT Control Center is protected with enterprise-grade security
- Multi-layered security prevents unauthorized access to your IoT devices, customer data, and backend systems
- Robust controls for device and user authentication and fraud detection
- Automated monitoring and security rules protect against breaches from rogue devices and external threats
In addition, our team makes use of audits to identify and prevent any attacks to your network. If a problem is detected, an incident response team will respond based on previously approved procedures defined by your organisation. This team will follow our three step process to manage the situation: identification, incident resolution and post-incident follow up. Our team will also perform a digital forensics assessment to ensure that the vulnerability is eliminated, and if there are any grounds for compensation from insurers.
TERALINK Solutions offers cost effective cybersecurity solutions that can help you protect your IoT business. For more information regarding our flexible security solutions, contact TERALINK Solutions to book a call with one of our experts.