IAM for IoT: Taming the internet of threats

We don’t simply give users credentials and allow unfettered access to the network, why wouldn't we apply the same controls to a networked device?

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

I want you to imagine this scene: in the back room of a flashy casino, a cybersecurity quick response team is on alert after discovering that a hacker is at work somewhere on the casino floor.  A couple of genius tech team members realize that the hack is actually happening right now, and they’ve found the source. The call goes out to the security guards, “Sector 20 Zulu… Go! Go! Go!” Now teams Alpha, Bravo, and Charlie enter simultaneously from various points around the floor and rush to the scene where they meet at the source of the breach…a fish tank.

While you may certainly agree that the above scene is seriously lacking in a climax, you might be amazed to know that it’s a true story. In 2017, a hacker had scanned casino IP addresses searching for a device they could control. The scan revealed a smart thermometer attached to a large aquarium that shared temperature data with the employees responsible for the aquarium’s upkeep. The thermometer needed a network to connect to in order to share its data, and which one did it use? You guessed it, the casino’s private network.

After the device was hacked, the attacker gained access to the casino network and stole private data on casino customers, uploading the data to their server overseas. If you wonder why I call IoT ‘the internet of threats,’ I hope the above story gave you a good enough reason.

There are more threats than you think

The threats are truly all around us.  We’ve got digital assistants that are constantly listening to us in our kitchens, video game consoles with cameras, digital locks on our doors, and more. You don’t have these types of items in your office though, so nothing to worry about, right? Well, do you have networked printers that also have wifi capability?  Security systems linked to external vendors?  A thermometer on the fish tank in the lobby? Many aren’t aware of all the IoT devices that are actually connected to their network, and this can lead to very dangerous situations.  IoT is broadly considered to be anything in your domain that could possibly connect to the internet, or even just your network.  To say it’s time to pay attention to this threat is an understatement.

Why is this happening?

The first step we need to take is grasping how and why these devices are a threat to begin with.  With all we’ve learned about security, why are devices that seem so easy to hack into getting deployed?  The simple fact is, for many manufacturers the notion of security might come as an afterthought to innovation.  For example, if a company is producing hundreds of thousands of network-connected thermometers, the notion of installing and managing unique encryption keys between those devices might seem ridiculous and expensive.  Sometimes the security is there, but when mismanaged, it’s like leaving the front door not only unlocked but wide open.  A great example of this is when you install your new networked printer in your house and totally ignore the fact that the printer itself has a wifi router installed that you both neglected to disable and forgot to change the default access password to.  The chance that the printer doesn’t have a vulnerability allowing an attacker to bridge those connections and access your personal file shares is a very high risk to completely ignore.

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.