IoT devices more at risk of cyber attack than ever - report

17 Mar 2020

Internet of Things (IoT) devices are one of the fastest-growing emerging technologies in the digital transformation sphere – by the end of 2019, 4.8 billion IoT endpoints were expected to be in use, an increase of 21.5% from 2018, according to Gartner.

But, as with almost all emerging technologies, it comes with an associated cybersecurity risk.

Unit 42, the threat intelligence team of Palo Alto Networks, recently analysed 1.2 million IoT devices in thousands of physical locations across enterprise IT and healthcare organisations in the United States. 

The 2020 Unit 42 IoT Threat Report found the general security posture of IoT devices is declining, leaving organisations vulnerable to new IoT-targeted malware as well as older attack techniques that IT teams have long forgotten.

Among the most disturbing discoveries: 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network. 

This potentially lets attackers listen to unencrypted network traffic, collect personal or confidential information, then exploit that data for profit on the dark web.

The report also revealed 83% of medical imaging devices are running on unsupported operating systems. 

This reflects a 56% jump from 2018, mostly due to the Windows 7 operating system reaching its end of life. 

This left hospitals and other health organisations vulnerable to attacks that can disrupt care or expose sensitive medical information.

Other key findings:

  • 51% of threats for healthcare organisations involved imaging devices, disrupting the quality of care and allowing attackers to exfiltrate patient data stored on these devices.
  • 72% of healthcare virtual local area networks (VLANs) mix IoT and IT assets, allowing malware to spread from users’ computers to vulnerable IoT devices on the same network.
  • New techniques, such as peer-to-peer command and worm-like features for self-propagation, are coming to light, threatening to infect IoT devices without prejudice.
  • 57% of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers, according to Unit 42.
  • 41% of attacks exploit device vulnerabilities, as IT-borne attacks scan through network-connected devices in an attempt to exploit known weaknesses.

Unit 42 also found that, while the vulnerability of IoT devices makes them easy targets, they are most often used as a stepping stone to attack other systems on the network.

Furthermore, Unit 42 found password-related attacks continue to be prevalent on IoT devices due to weak manufacturer-set passwords and poor password security practices.

Increasingly, malware is being used to enable attackers to run malicious code to conduct new attacks. 

This is becoming the new focus of cyber criminals’ attacks, shifting from their previous motivation of running botnets to conduct DDoS attacks via IoT devices.

In light of the novel cyber threats facing new IoT devices, Unit 42 recommends adhering to the following steps to minimise risk:

  • Know your risk. Discover IoT devices on the network.
  • Patch printers and other easily patchable devices.
  • Segment IoT devices across VLANs.
  • Enable active monitoring.