“Security by design is a mandatory prerequisite to securing the IoT macrocosm, the Dyn attack was just a practice run.” – James Scott, Sr. Fellow, Institute for Critical Infrastructure Technology.
Remember the 21st of October 2016? A series of carefully mastered DDoS attacks paralyzed internet services on the East Coast, affecting the businesses of market giants like Amazon, Netflix, PayPal, Starbucks, Verizon, Visa – the actual list is longer, and pretty impressive.
The US Department of Homeland Security launched an investigation and it revealed that the extremely sophisticated attack was a botnet that spread through a large number of Internet of Things-enabled (IoT) devices, including cameras, residential gateways, and baby monitors, which had been infected with the Mirai malware.
Later, a Forbes article reported that the attack was likely the brainchild of ‘ an angry gamer’.
Puns aside, if an angry gamer can bring down some of the biggest companies of the world down in a day, that gives every organization with IoT plans a lot to worry about.
History chronicles that the invention of the wheel changed the course of human civilization. The impact of IoT is perceived to be of similar, if not greater, proportions. However, the concept of millions of ‘smart’ interconnected devices raises a security concern of similar magnanimity. IoT will introduce thousands of new threat vectors simply by increasing the number of networked entry points. The security risks increase exponentially, and the attack vector or surface is—in theory—potentially limitless.
In addition, there is a huge variety of different (sometimes obsolete) operating systems, programming languages, and hardware. If you thought that the networks have become complicated after cloud, wait till you see this one!
In a 2017, a study tittle ‘The Internet of Hackable Things’ , researchers at the Technical University of Denmark, Denmark; Orebro University, Sweden; and Innopolis University, Russian Federation found that :
It can be safely said that IoT opens up the enterprise to an increased risk of falling prey to malicious attacks. Forget about securing individual devices, it would be a herculean task to even have a clear idea of how many of these devices are connecting to your enterprise networks and from what sources. So how does one prepare a defence when they don’t have a clue about where the attack is going to come from?
According to a Forrester study, 77% of respondents admit that increased usage of IoT devices creates significant security challenges and IoT is forcing 76% of surveyed security leaders to re-assess how they secure their enterprise networks.
Why networks, you would ask.
It is obvious that it is practically impossible to secure the plethora of devices individually. Moreover, apart from connecting to your enterprise network, some of these devices connect to the cloud, other third-party devices or systems beyond your firewall. Strengthening your enterprise network, that acts as the underlying carrier for all the data that these devices transmit, is your best possible line of defence.
Existing legacy WAN architectures are inadept at handling the havoc that IoT can usher into your landscape in terms of complexity, security and manageability. To be able to mitigate the security vulnerabilities that IoT opens up, IT leaders will need a solution that can bring the following changes to the enterprise networks:
The correct SD-WAN solution can help organizations get a head start on their IoT security journey. For Example, while there are multiple SD-WAN solutions in the market today, Versa’s SD-WAN is a multi-service, multi-tenant software platform built on cloud principles to deliver scale, segmentation, programmability and automation. It provides advanced networking and security in a single software services platform that software-defines the branch.
Act now to know more about how Versa’s Cloud IP Platform fits into your IoT roadmap and e-mail us at info@versa-networks.com or request a demo.
Unless, of course, you are willing to open up your enterprise security to someone who forgot to run the latest software update on their IoT enabled toaster!