TRENDING
These two families are known for hijacking devices to create botnets – large networks of private computers that can be controlled as a group to spread malware , overload infrastructure or send spam .
Who is being targeted ?
The top three nations targeted by IoT attacks were Ireland ( 48 %), the United States ( 32 %) and China ( 14 %). The majority of compromised IoT devices , nearly 90 %, were observed sending data back to servers in one of three countries : China ( 56 %), the United States ( 19 %) or India ( 14 %).
How can organizations protect themselves ?
As the list of ‘ smart ’ devices out in the world grows on a daily basis , it ’ s almost impossible to keep them from entering your organization . Rather than trying to eliminate shadow IT , IT teams should enact access policies that keep these devices from serving as open doors to the most sensitive business data and applications .
These policies and strategies can be employed whether or not IT teams ( or other employees ) are onpremises . ThreatLabz recommends the following tips to mitigate the threat of IoT malware , both on managed and BYOD devices :
• Gain visibility into all your network devices . Deploy solutions able to review and analyze network logs to understand all devices communicating across your network and what they do .
• Change all default passwords . Password control may not always be possible , but a basic first step for deploying corporate-owned IoT devices should be to update passwords and deploy twofactor authentication .
• Update and patch regularly . Many industriesparticularly manufacturing and healthcare-rely on IoT devices for their day-to-day workflows . Make sure you stay apprised of any new vulnerabilities that are discovered and that you keep device security up-to-date with the latest patches .
• Implement a zero trust security architecture . Enforce strict policies for your corporate assets so that users and devices can access only what they need , and only after authentication . Restrict communication to relevant IPs , ASNs and ports needed for external access . Unsanctioned IoT devices that require Internet access should go through traffic inspection and be blocked from all corporate data , ideally through a proxy . The only way to stop shadow IoT devices from posing a threat to corporate networks is to eliminate implicit-trust policies and tightly control access to sensitive data using dynamic identity-based authentication – also known as zero trust . p
26 INTELLIGENTCIO APAC www . intelligentcio . com