Mitigating Security Threats on Nontraditional Platforms

Our worlds are increasingly interconnected and dependent on computing. Things that don’t appear to be computers are, in fact, “smart” devices. These include routers, mobile phones, firewalls, smart TVs, streaming boxes, VoIP boxes, cameras and camera doorbells, network attached storage, some brands of kitchen and laundry appliances, and many other connected devices we use daily for work or for convenience.

“All of these devices are risky, and they often have terrible security,” says Chester Wisniewski, principal research scientist at Sophos. “We are in the preliminary stages of seeing how they can be used in attacks. But they are not being exploited by everyday criminals – yet.”

Vulnerabilities and attacks will likely increase as people purchase more smart devices and interconnect them. Wisniewski says business and security leaders need to start examining ways to mitigate threats from nontraditional platforms now before they become widespread.

“None of us buy projectors to use in conference rooms anymore,” he says. “We buy smart TVs, which have a built-in mechanism for spying and are connected to a network. This type of breach may not be in the sights of everyday hackers now because they haven’t found ways to monetize the information. But for organizations with sophisticated adversaries, they will be.”

Another nontraditional attack vector is a firewall, which Wisniewski says is “one of the most frequently attacked things.”

“Firewall devices are a gateway to your network,” he says. “If you’re not operating in Zero Trust mode, you have a perimeter, and those boxes are kind of a skeleton key to get access to all the traffic coming and going. Especially with remote work.”

Wisniewski says security teams have seen firewalls exploited heavily throughout the last year and it's unlikely to change – so keeping them up to date is absolutely critical.

What else should security teams be doing now to prepare to mitigate nontraditional attack vectors?

“It ties back to maturity,” says Wisniewski. “It is still about monitoring for anomalous behavior. If you aren’t watching, knowing what you should be looking out for, that’s when things can happen. You need to know what is not normal behavior. That is a challenge for a lot of organizations.”

Wisniewski recommends human-led and advanced threat hunting to identify these kinds of novel and advanced threats, because they will inevitably become a more common part of the threat landscape.

Sophos can assist you with Sophos Managed Threat Response. Learn more at sophos.com/en-us/products/managed-threat-response.

Copyright © 2021 IDG Communications, Inc.