Internet of Things (IoT)

What Is IoT?

“IoT” is short for “Internet of Things,” which is the network of internet-enabled and connected devices. Since the term was first coined in 2002, the popularity of “smart” devices has spread across nearly all consumer and business markets, turning everything from thermostats to factory equipment into both smart technology and potential attack vectors.

In 2018, there were seven billion IoT devices. Today, just five years later, the number of installed IoT devices, sensors, and actuators is north of 43 billion, with the average home wireless network operating 22 IoT devices.

What Is Commercial IoT?

Commercial IoT extends the idea of “smart” interconnected and internet-enabled devices from the home or car into the world of business. At its core, IoT offers virtually endless options for extending IP network connectivity to domains that have traditionally lacked it. Every sector, from healthcare to manufacturing, can leverage IoT to connect disparate systems and achieve new operational efficiencies.

For example, hospitals can use noninvasive IoT sensors to monitor patients and send key information to the cloud for delivery to other systems. Manufacturers can use sensors to gather operations data on the factory floor and improve efficiencies.

What Is IoT Security?

IoT security combines strategies, technologies, and methods for solving these security challenges and protecting your connected devices. Although the tools and techniques you can leverage are as extensive as the types of devices themselves, adopting IoT security best practices is a good starting point.

Why Is IoT Security Important?

Like computers, IoT devices connect to the internet, making them vulnerable to a variety of threats (such as malware) and attacks (such as distributed denial of service or DDoS). Unlike computers, IoT devices have very little space for security features because the functionalities of the devices take up most of the technological real estate.

Since many IoT devices lack an interface altogether, you can’t patch them easily, if at all. Plus, the variety of communication protocols that smart devices use to connect to the internet makes it a challenge to standardise additional security.

IoT security has become even more important post-pandemic, as the number of IoT devices accelerated during this time, driven by a shift to remote and hybrid work. When employees take their devices home and connect them to the same network as insecure smart devices like thermostats, doorbells and televisions, they expand your organisation’s attack surface and open new possible points of breach.

Notable IoT Cyber Attacks

Verkada

A group of threat actors accessed roughly 150,000 devices from Verkada, a security camera company, giving the attackers unrestricted access to live video feeds inside schools, prisons, hospitals, and companies like Tesla, along with archive footage of more than 24,000 clients.

St. Jude’s

While no patients were harmed, the FDA announced that St. Jude Medical’s implantable cardiac devices had vulnerabilities that would allow a hacker to remotely access the devices. This could allow the hacker to theoretically deplete the battery or administer incorrect pacing.

Stuxnet

Arguably the most infamous zero-day attack of all time, the Stuxnet worm exploited four zero-day vulnerabilities and is believed to be responsible for destroying IoT centrifuges in Iran, drastically slowing the nation’s nuclear ambitions.

Dyn

A botnet army of about 100,000 connected IoT devices slammed the DNS company Dyn with a powerful DDoS attack, resulting in knocking companies like Netflix and the New York Times offline.

How To Protect Your IoT Devices

Network Segmentation

One of the most effective countermeasures to the vast spectrum of IoT threats is network segmentation. This involves dividing the network into multiple segments, or subnets, typically for the purposes of improved performance and enhanced security. Each of these subnets is its own, albeit smaller, network.

Network or IT administrators can set policies to control how traffic flows within these subnets. Think of it as a complex web of interconnected, multilane highways, where cars automatically choose a lane and direction based on their destination and traffic conditions.

With a segmented network, you can separate internal user traffic from that of guests and external contacts. You can further fine-tune the segmentation so there are individual segments for your web servers, databases, and employee devices. Segmentation makes it more difficult for outsiders to penetrate your network via an unsecured IoT device.

Scan for Vulnerabilities

Given the immense variety of IoT infrastructure, there’s no one-size-fits-all approach. However, the regular, periodic use of a vulnerability scanning tool is a good place to start.

Once you identify vulnerabilities, you must prioritise system patching by carefully considering their severity, the end-user impact, and operational downtime. In many cases, you might not have to completely disable an essential IT function, but instead simply limit its functionality as you perform patches.

Implement Multi-Factor Authentication (MFA)

Unlike laptops or smartphones, many IoT devices are so minimalistic that you can’t log on to them directly from their own interfaces. Their entire security depends on administrator actions, making the thorough verification of any changes or updates mission critical.

A business-class MFA system might require the use of biometrics (usually a fingerprint, retina scan, or facial-recognition pattern), hardware tokens, or separate devices in addition to a standard password. These requirements are particularly important for ensuring the integrity of administrator actions pertaining to IoT devices.

Monitor Workloads, Applications, and Devices

Once attackers compromise a system, typically only a small window exists to prevent their lateral movement. Security and IT teams face the daunting challenge of trying to secure their IoT infrastructure within this brief timetable. In a short amount of time, they must detect initial intrusions, investigate those events, remove the infiltrators from the network, and take steps to prevent future issues.

IoT devices compound this issue with universal plug-and-play (UPnP) schemes, which allow for traffic to seamlessly pass between devices like routers. UPnP enables proxy chains that cover the tracks of attackers, while supporting massive IoT botnets.

Making matters worse is that there can be many obstacles to acting fast. They may include lack of full visibility into IoT infrastructure, or a shortcoming of niche defenses like antivirus software and firewalls.

How Arctic Wolf Protects IoT Devices

The size and technical limitations of the IoT landscape requires a unique approach to information and device security. While many specific practices for fending off threats are carryovers from endpoint security, IoT security demands that they be applied at a greater scale and speed than ever before.

Arctic Wolf security operations solutions deliver the insight and technical capacity to keep pace with the growing universe of IoT risks, providing 24×7 monitoring, detection, and response. Your dedicated Arctic Wolf Concierge Security® Team works as an extension of your in-house team to understand your unique security needs and ensure that your entire ecosystem, including IoT devices, is protected.

Plus, since these capabilities are rolled into a subscription package with simple and predictable pricing, you don’t have to break the bank or wait months for critical security systems to deploy before protecting your growing investments in IoT.

Arctic Wolf

Arctic Wolf provides your team with 24x7 coverage, security operations expertise, and strategically tailored security recommendations to continuously improve your overall posture.

© 2024 Arctic Wolf Networks Inc. All Rights Reserved.
Privacy Notice	Terms of Use	Cookie Policy	Accessibility Statement	Information Security	Sustainability Statement	Cookies Settings

SOLUTIONS

INDUSTRIES

Quickly detect, respond, and recover from advanced threats.

Detect and respond to advanced threats targeting your cloud infrastructure and applications.

Discover, assess, and harden your environment against digital risks.

Explore, harden, and simplify your cloud environment against misconfiguration vulnerabilities.

Engage and prepare employees to recognize and neutralize social engineering attacks.

Recover quickly from cyber attacks and breaches, from threat containment to business restoration.

HOW IT WORKS

Delivering security operations outcomes.

Collect, enrich, analyze.

Ecosystem integrations and technology partnerships.

Tailored security expertise and guided risk mitigation.

Security experts proactively protecting you 24×7.

Meet some of the security experts working alongside you and your team.

TRENDING RESOURCES

Understanding ransomware — from its origins to its impacts to the TTPs that allow ransomware gangs to exploit victim organizations and make off with millions in ransom payments and extortion fees.

The elite security researchers, data scientists, and security developers of Arctic Wolf Labs share forward-thinking insights along with practical guidance you can apply to protect your organization.

Learn how our Concierge Security® and Triage Security Teams help end cyber risk.

SECURITY BULLETINS

CVE-2024-3400: Follow Up: Patches Released for Actively Exploited Critical Vulnerability in GlobalProtect Feature of PAN-OS

CVE-2024-26234 for Windows and CVE-2024-29053 for Defender for IOT highlighted in Microsoft’s April 2024 Patch Tuesday

CVE-2024-3400: Critical Vulnerability in GlobalProtect Feature of PAN-OS being Actively Exploited

COMPANY