The general security posture of IoT has hitherto been dismal, but one report states that it is actually declining further …
In an analysis of 1.2 million IoT devices in thousands of physical locations across enterprise IT and healthcare organizations in the United States, Unit 42, the Palo Alto Networks threat intelligence team, made some startling discoveries.
The team's recently released IoT Threat Report found that the general security posture of IoT devices is declining, leaving organizations vulnerable to new IoT-targeted malware as well as older attack techniques that IT teams might be prone to underestimating.
Some of the key findings for the US landscape:
- 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network and leaving users vulnerable to the exploits of attackers.
- 57% of IoT devices are vulnerable to medium or high-severity attacks, making IoT the low-hanging fruit for attackers.
- 72% of healthcare organizations are displaying poor network security hygiene by mixing their IoT and IT assets on VLANs, allowing malware to spread from users’ computers to vulnerable IoT devices on the same network.
- 83% of medical imaging devices run on unsupported operating systems, which opens the door for new attacks like cryptojacking and brings back long-forgotten attacks such as Conficker.
- Cyber threats are evolving to encompass new techniques targeting IoT devices such as peer-to-peer C2 communications and worm-like features for self-propagation, allowing attackers to exploit the vulnerabilities of old legacy protocols.
The study suggests four urgent steps to reduce IoT risks:
- Know your risk—discover IoT devices on the network
- Patch printers and other easily patchable devices
- Segment IoT devices across VLANs
- Enable active monitoring
To know and manage risk proactively, an organization needs an effective IoT security strategy. The Unit 42 research team suggested two additional practices every IoT strategy should incorporate: think holistically by orchestrating the entire IoT lifecycle, and expand security to all IoT devices through product integrations.