The Internet of Things (IoT) is expanding rapidly, with some analysts predicting the number of connected devices will reach nearly 50 billion in the next couple of years. Such massive connectivity is expected to drive new efficiencies in countless industries, including healthcare, manufacturing, energy and utilities, and more.
It is also presenting substantial growth opportunities for cyber criminals.
Hackers quickly figured out how to use IoT devices to create botnets and infiltrate corporate networks. According to one report, one in six businesses had suffered an attack from IoT devices by the end of 2017.
Some security experts fear the worst is yet to come. In late 2017, researchers announced they had discovered a massive new botnet that is evolving and recruiting IoT devices at an unprecedented pace.
A big part of the problem is that ease of use has generally trumped security in the rush to web-enable thermostats, sensors, building automation systems, video surveillance cameras and a whole host of other devices. Because the devices themselves aren’t particularly inviting targets, manufacturers often include only minimal security controls. An HP study found that as much as 70 percent of commonly used IoT devices have significant vulnerabilities, including a general lack of password security, encryption and granular user access permissions.
Consumer groups and analysts have begun calling on manufacturers to employ “security by design” principles to reduce the risks. There is also increasing pressure on corporate-scale vendors such as Amazon, Google and Samsung to take the lead in galvanizing IoT vendors to apply security best practices. Given the massive scale and rapid evolution of botnets, security vendors are moving beyond traditional signature-based detection methods and using machine learning to identify threats, where they originate and where they’re likely to strike.
In the meantime, you shouldn’t wait for manufacturers, tech giants or security vendors to develop new solutions. The consistent application of security best practices within a multilayered security environment can help most organizations deflect attacks and prevent their networked devices from being recruited into botnets.
Since bot infections are almost always spread via malware, the first step is to make sure that antivirus and antimalware solutions are up to date. Also, apply current patches for both business and personal devices as well as all operating systems. Check regularly for new updates.
Security information and event management (SIEM) tools can also help by providing real-time analysis of security alerts generated by network hardware and applications. That makes them useful for identifying common botnet behaviors such as port-scanning and high rates of failed endpoint connections.
Also consider employing a next-generation firewall (NGFW). In addition to intrusion detection systems, rootkit detection packages, network sniffers and other security features, NGFWs increasingly include tools for botnet detection, prevention and removal. Some also have specialized anti-bot programs that can interrupt the link to the command and control server that delivers instructions to the bot.
The Internet of Things promises to bring exciting efficiencies to all manner of industries, but malicious actors will continue to find ways to uncover and exploit vulnerabilities. While manufacturers and security vendors must bear some of the responsibility for securing the IoT, all organizations must employ tough security measures to counter potential attacks. To learn more about boosting your botnet defenses, give us a call.
