5 Key Security Tips to Avoid an IoT Hack

Friday 10 August 2018 | 14:24 CET | Advertorial | provided by CUJO AI

Recently, Russian PIR Bank lost USD 1.000.000 because of a compromised router that allowed hackers to gain entry into its local network. Why did it happen, and how can companies protect themselves?

Malicious IoT hacking incidents are the norm today. That is not surprising, considering that by 2020 the IoT is expected to reach a staggering 20.4 Bn devices. Homes and enterprises using legacy security measures are in danger because of the ever-growing IoT.

Networks in Danger

Generic networking devices such as routers and a variety of IoT gadgets exposed to internet connectivity are left alone without proper supervision, maintenance, and support.

They are all exposed to a wide range of cyber threats and are very attractive to criminals. These devices are used as initial entry points to gain a foothold in consumer homes, small and medium businesses, or even big corporate networks.

The most recent case is the hack attempt against Russian PIR Bank. A hacker group called MoneyTaker was able to steal roughly USD 1.000.000. That clearly indicates that even huge companies spending millions on security each year do not have enough control and capabilities to manage those vulnerable entry points within their networks. 

As soon as hackers gain a foothold into the network, they can move laterally without using any type of malicious software or advanced malware. They will always rely on pre-existing tools and non-malicious scripts to gain as much information as possible on the environment and achieve their goal.  

In most cases, that goal is to steal money, exfiltrate data or damage a brand by encrypting all of the intellectual property and business-critical data. In such scenarios, all of the pricy endpoint solutions and antivirus agents will be useless in detecting various attack patterns. 

Protecting the Weak Link

While layered security must remain the key priority, it is essential to understand that generic networking equipment and IoT devices are the weak link. They often have no continuous update program for firmware and software, low lifetime support, and insufficient computational power to host an antivirus or any other security agents. 

As practice shows, they are almost always left without proper supervision in consumer homes, at the network perimeter of small and medium business offices, or in branches of huge corporations.

It is crucial to keep up with the evolving threat landscape. To do that, companies need to move away from traditional security approaches to the next generation solutions, especially security controls that are driven by artificial intelligence. 

The latter are capable of precisely mapping a network and identifying all devices (even those that might be left alone somewhere on the edge of the network). They spot anomalies in real time, identify unusual network traffic patterns, and proactively track and flag outdated devices.

Only such solutions can provide owners with end-to-end visibility and control of their assets and identify potential vulnerabilities within their networks before they are exploited and irreparable damage is done.

Best Business Practices for Security

Huge network expansions and a variety of technologies call for additional security measures. There are a few things that can help the Security Operations team protect corporate networks properly. To build a strong cybersecurity culture, a foundation is crucial. It can be built on baseline cybersecurity hygiene practices:

  • Define the exact boundaries of an interconnected enterprise network. That includes all wireless and remote connections. It covers branches and access points exposed in remote areas as well as any cloud computing and potentially externally accessible S3 buckets. The key is for every NOC and SOC to understand the boundaries of the enterprise network within which the whole business operates.
  • Enable precise and real-time asset management. Teams have to know all of the devices that are connected to an enterprise network. This needs to be a continuous exercise and task for every SOC and NOC team. The Russian PIR Bank case works as a perfect illustration of what can go wrong. Installed-and-forgotten devices, such as routers, can work as easy and attractive entry points for hackers. They can cause a significant amount of damage to a company, its assets, and brand.
  • Ensure configuration and software update management of all devices. There has to be a clear process. The technology teams need to know the exact configuration of devices at all times. That way, they can introduce a streamlined and automated patch management strategy and protection for legacy licensed software components.
  • Introduce an Identity and Access Management (IAM) program. Companies must know who is accessing their infrastructure and when. It is also imperative to know the specific privileges that the users/employees have to operate on these devices.
  • Implement User Behavior Analytics (UBA) solutions. These allow SOC and Security Teams to know what employees are doing when they access enterprise resources. Defining normal and potentially suspicious behaviors is crucial. As soon as hackers enter the network, they try to behave as ordinary users so that the Security Teams are not suspicious. Solutions that build precise behavioral employee patterns are useful to detect outsiders in an enterprise network.

It’s also imperative to mention that a company should not rely purely on the default firmware of its routers. Not all routers are designed with security in mind. It is the job of the Security Teams within a company to configure them properly using additional security configurations (user management software, internal access/external access). With these in mind, it is possible to bring a router close to a perfect state.

On the network security side, additional steps are needed to make the network very difficult to penetrate. However, the precautions above help to eliminate the human factor and prevent initial hacking attempts. While building a comprehensive and sustainable security strategy is not an easy task, this foundation is key and needs to be implemented in every company.

Sponsor Details

Name    CUJO AI
Contact    https://www.getcujo.com/

Categories: General / Internet / Mobile & Wireless
Companies: CUJO
Countries: World
Can a VPN be used to avoid attacks? I read at bestvpn .co that we can avoid such attacks by using a VPN.
David Michaels @ 13/8/2018 - 07:43
