How IoT Devices Weaken Network Security and What You Can Do About It
January 3rd, 2023 by Kevin Box
I've outlined in recent articles the vulnerabilities of printers on the network. To expand on this topic, we need to focus on the vulnerabilities of why this is the case and what are the best practices in fixing the problem. In this article, we will explore the issues surrounding IoT's (Internet of Things) devices and deliver some useful insight to address the problem.
Anytime you connect an ancillary device to your network, you create vulnerabilities that can be exploited by bad actors. These devices are called endpoints which are categorized as IoT devices. Whatever term you use to describe these devices makes little difference to a hacker - They just want to know where the vulnerabilities are and the best way to exploit each weakness.
IoT's are being exploited because organizations fail to properly secure these devices. According to Microsoft, critical infrastructure is also vulnerable as well because IoT security isn't being managed correctly, or not at all, leaving networks exposed.
According to Danny Palmer's article on ZDNet.com, Microsoft sent researchers to the UK to investigate water utility providers to search for vulnerabilities in their networks. What they found was these utilities were using "Draytek Vigor routers," which are intended for home use and not suited for enterprise-level environments, which meant the routers were inherently vulnerable because the manufacturer did not develop them with the proper security baked into the device. This opens the door for a host of different vulnerabilities, including open windows that allow attackers to run malicious commands on devices, move laterally within the network, and access and exploit other vulnerable devices.
Even when patches are available to protect Draytek routers, the nature of IoT devices means there must be human interaction to apply these updates. If the administrator forgets to do these updates, for example, or is unaware that patches are needed, the routers remain exposed and vulnerable to attack.
The same is true with printers. Organizations often don't know what they don't know in terms of buying printers, so they end up with devices meant for home use and not for enterprise-level printing.
To help ensure IoT devices such as printers and the network are protected against cyberattacks, Function4 recommends the following best practices:
1. Adopt a comprehensive IoT security solution – By adopting a comprehensive IoT Security solution to help monitor devices on the network and remediate any device changes according to a specific security policy, will help limit exposure to attacks. System monitoring allows the organization to track its network activity around the clock, and when a system or function fails, support teams can immediately jump into action and investigate the breach and work to fix it in real-time.
2. Run vulnerability assessments to test your network – You must know what devices you have attached to your network and understand the vulnerabilities of each and what threats exist. Running a firmware assessment, for example, will give you insight into the firmware levels for each device and tell you if they're up to date or if any security bulletins exist. This will allow updates to be applied to help prevent hackers from exploiting any known issues.
3. Reduce the attack surface – Limiting the exposure of IoT devices that are not being used yet face the open internet is critical to network security. You can reduce the exposure to these devices by eliminating extraneous connections to IoT devices, such as printers that are not in use or used infrequently. This helps reduce the number of gateways hackers can exploit. You should also segment these devices from other IoT devices on the network so if a breach does occur, the hacker cannot move laterally between IoT devices to control the network.
4. Increase Network Layers – Increasing security layers throughout your network will also help limit exposure. Using multifactor authentication can help reduce negative security incidences. Training your employees to know what to look for in terms of phishing emails and having written procedures in place for managing these bad emails will help reduce poor security events. Lastly, having policies in place for buying only enterprise-level devices with built-in security will help ensure the proper security layers at the device level.
Locking down IoT devices such as printers can help ensure vulnerable gateways into your network are closed and help prevent potential threats from becoming real security breaches. Having a policy-based approach to securing imaging and printing devices can go a long way to adding layers of security to your infrastructure, which can help make it harder for cybercriminals to penetrate your network.
If you have any questions concerning this article or would like to have one of Function4's Security Specialists conduct a Security Analysis on your network, reach out to me directly, and I will connect you with a member of our team. I can be reached at kbox@function-4.com.
Posted in: Cybersecurity