Skip to main content

Shadow IoT Emerging as New Enterprise Security Problem

Much of the traffic egressing enterprise networks are from poorly protected Internet-connected consumer devices, a Zscaler study finds.

When it comes to protecting against Internet of Things (IoT)-based threats, many organizations seem have a lot more to deal with than just the officially sanctioned Internet-connected devices on their networks.
A new analysis by Zscaler of IoT traffic exiting enterprise networks showed a high volume associated with consumer IoT products, including TV set-top boxes, IP cameras, smart watches, smart refrigerators, connected furniture, and automotive multimedia systems.
In some cases, the traffic was generated by employees at work, for instance, checking their nanny cams or accessing media devices or their home security systems over the corporate network. In another instances, consumer-grade IoT devices installed in work facilities, such as smart TVs, generated a lot of the IoT traffic.
Though all IoT devices — authorized and unauthorized — that Zscaler observed used at least some level of encryption, a startling 83% of IoT transactions were happening over plain-text channels, making it vulnerable to eavesdropping, sniffing, and man-in-the-middle attacks.
"We are noticing a big increase in IoT device traffic aggressing the enterprise network," says Deepen Desai, vice president of security research at Zscaler.  
As recently as last May, the volume of IoT traffic generated by Zscaler's enterprise customer base was in the range of 56 million transactions per month. Currently it is around 33 million transactions a day, or roughly 1 billion transactions per month. As a proportion of all Internet transactions that Zscaler processes, the volume of IoT-related traffic is still relatively small but is growing very fast, Zscaler said.
While the traffic increase itself is in keeping with previous predictions about IoT growth, the concern is the number of unauthorized, consumer-oriented shadow-IoT devices that are showing up on enterprise networks, Desai says. Many of these devices have insecure configurations, use default passwords, and present relatively easy targets for attackers. New exploits that target IoT devices are constantly surfacing, and attackers are actively looking to exploit vulnerabilities in connected cameras, DVRs, and home routers, he says.
Zscaler's analysis of some 500 million transactions from more than 2,000 organizations over a two-week period uncovered traffic from a total of 553 unique devices across 21 categories from 212 manufacturers. TV set-top boxes accounted for nearly 30% of the IoT devices that Zscaler discovered across the organizations in its study. Three of the other IoT devices among the top five were consumer products as well — smart TVs, smart watches, and media players.
The top authorized devices that Zscaler discovered in its study — including wireless barcode readers, digital signage media players, medical systems, industrial control devices, and payment terminals — were significantly smaller in number compared to the unauthorized IoT devices. However, and somewhat unsurprisingly, these devices were the ones that generated most of the IoT traffic on the networks.
The situation highlights the need for enterprises to enable greater visibility into IoT traffic on their networks, Desai says. Without knowing what's on their networks, administrators are going to find it very hard to manage the problem.
"Organizations need to understand the risk," Desai says. They need to be able to identify and separate the authorized IoT traffic on the network from the traffic generated by vulnerable and poorly secured consumer device. "If your MRI [machine] is talking back to the Internet, there could be many other devices [doing it] as well," he says.
Source : https://www.darkreading.com/iot/report-shadow-iot-emerging-as-new-enterprise-security-problem/d/d-id/1337144?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Comments

Post a Comment

Popular posts from this blog

Understanding Ransomware

Ransomware is a type of malicious software designed to encrypt or block access to a victim's files or entire computer system. The attackers demand a ransom payment, typically in cryptocurrencies, in exchange for providing the decryption key or restoring access. This insidious form of cyberattack has evolved over the years, becoming more sophisticated and causing significant disruption.   The impact of ransomware attacks can be devastating on multiple levels. For individuals, it can result in the loss of personal data, compromising sensitive information like financial records or personal documents. In businesses, ransomware can disrupt operations, leading to financial losses, reputational damage, and potential legal implications. Critical infrastructure, such as healthcare or government systems, can also become targets, risking public safety and national security.
Post a Comment
Read more

Information security !!!

 
Post a Comment
Read more

Different types of cyber attacks

Malware attacks: Malware attacks involve the use of malicious software, such as viruses, worms, or ransomware, to damage or disrupt systems or steal sensitive data. Phishing attacks: Phishing attacks involve the use of fake emails or websites to trick individuals into revealing sensitive information, such as passwords or financial data. Denial of service (DoS) attacks: DoS attacks involve flooding a network or website with traffic in an attempt to make it unavailable to users. SQL injection attacks: SQL injection attacks involve injecting malicious code into a database through a website or application in order to gain unauthorized access or steal sensitive data. Man-in-the-middle (MitM) attacks: MitM attacks involve intercepting communications between two parties in order to gain access to sensitive information or to alter the content of the communication. Insider attacks: Insider attacks involve the use of an individual's authorized access to systems or data to compromise the secu...
Post a Comment
Read more