Network of internet of things attacked by a hacker on one node
As IoT use cases continue to grow, lax security practices such as retaining default passwords and not implementing updates and patches in a timely manner remain a problem.
With all of the Internet of Things hacks over the past five years, one would expect the industry to massively improve security standards and businesses to be more careful installing these devices.
Sadly, manufacturer-set passwords and encryption remain lackluster, while businesses continue to add unsecured devices to their IT system. Some big operators have made steps in the right direction, but as Unit 42’s IoT threat report reveals, there’s still a way to go.
SEE ALSO: The Internet of Things May be a Hacker’s Delight, Both Inside and Out
One of the most
shocking key findings on the report is 98 percent of IoT device traffic remains
unencrypted. That means if a hacker were to plant themselves inside the network,
they would be able to listen and collect all network traffic.
Unit 42 analyzed IoT devices used by healthcare organizations, which regularly send confidential information on patients over their IT network. If a hacker were to intercept this information, it could be used as blackmail or sold on the dark web.
Most IoT Devices Still Run Windows 7
Not only do most devices come with minimal security, but according to Unit 42, 83 percent of medical imaging devices run on unsupported operating systems. 56 percent run Windows 7, which Microsoft put into end of life stage in January.
Analysis of recent IoT attacks has led Unit 42 to see a shift in hacker’s priority, previously most were used as part of botnets to send DDoS attacks, now they are primarily the gateway for malware to spread across an organization’s network.
Around five billion IoT endpoints are currently in use and that is increasing by about 20 percent every year. While the use cases for IoT devices continues to grow, the security measures put in place remain stuck in the early 2010s. California’s SB-327 IoT law may force manufacturers to wake up to the fact IoT needs more security, but businesses need to also look into additional measures.
Unit 42 suggests that
businesses patch printers and other older devices, segment IoT devices from the
main network, and enable active monitoring.
David is a technology writer with several years experience covering all aspects of IoT, from technology to networks to security.
Best Practices for Deploying and Scaling Industrial AIArtificial Intelligence (AI) is transforming industrial operations, helping organizations optimize workflows, reduce downtime, and enhance productivity. Different industry verticals leverage AI in unique ways.Link to The Center for Adaptive Edge Intelligence
The Center for Adaptive Edge IntelligenceAdaptive edge intelligence brings real-time decision-making to the point of data creation, whether from sensors, machines, or cameras.Link to The Value of Vehicle Electrification
The Value of Vehicle ElectrificationElectric vehicles (EVs) present automakers with many design, engineering, and manufactu ring challenges.Link to Accelerating Manufacturing Digital Transformation with Industrial Connectivity and IoT
Accelerating Manufacturing Digital Transformation with Industrial Connectivity and IoTDigital transformation is empowering industrial organizations to deliver sustainable innovation, disruption-proof products and services, and continuous operational improvement.Link to Smart Manufacturing for Automotive
Smart Manufacturing for AutomotiveLeading a transportation revolution in autonomous, electric, shared mobility and connectivity with the next generation of design and development tools.Link to Center for Data Pipeline Automation
Center for Data Pipeline AutomationAs businesses become data-driven and rely more heavily on analytics to operate, getting high-quality, trusted data to the right data user at the right time is essential.Link to Center for Automated Integration
Center for Automated IntegrationThe goal of automated integration is to enable applications and systems that were built separately to easily share data and work together, resulting in new capabilities and efficiencies that cut costs, uncover insights, and much more.Link to Continuous Intelligence: Insights
Continuous Intelligence: InsightsDigital transformation requires continuous intelligence (CI). Today’s digital businesses are leveraging this new category of software which includes real-time analytics and insights from a single, cloud-native platform across multiple use cases to speed decision-making, and drive world-class customer experiences.
