used with permission from Tektonika (HP)
by Jasmine W. Gordon
Hackers love to target smart devices, and poor IoT security can leave your organization a sitting duck. According to the latest Cyber Threat Report by SonicWall, the number of IoT attacks more than doubled last year, with routers being among the most frequently targeted IoT devices.
Breaking into these often overlooked devices can be remarkably easy for hackers, according to Security Weekly. Wolves are always busy scanning for unprotected routers, and once they find one, they can hack into it with publicly available exploit code.
In late February, researchers from Avast illustrated this problem at the Mobile World Congress by setting up 500 “honeypots,” or fake routers with deliberately open ports. As the event unfolded, the trap attracted a daily average of 11,588 attempts to connect with each honeypot.
Avast estimates that 60 percent of routers deployed worldwide “either [have] weak credentials or software vulnerabilities.” Due to the prevalence of these attacks and the general lack of protective measures in place across businesses, the router security crisis may be worse than you thought.
5 tips on router security for IT teams
Wolves are constantly circling your routers, striking up to 12,000 times per day. In fact, Ponemon estimates that your chances of experiencing a cyber attack are 1 in 4—you’d be better off betting against a rolled die. Your network is only as strong as your endpoint security, so make sure your IT team is following these tips.
Create strong passwords
Hackers love to target poorly secured credentials for endpoint devices that security teams frequently overlook, including routers, business printers, VoIP phones, and other IoT devices. To counter this, create strong, unique passwords for every IoT device on your network. Use at least 10 characters, including numbers and special characters, and avoid using obvious passwords like “ReceptionRouter.”
Actively monitor your router and other IoT devices and quickly apply available security patches designed by vendors to address known firmware vulnerabilities.
Hold vendors responsible
IoT security is a shared responsibility between your organization’s security team and the vendor of a device or service. Your passwords and intrusion detection efforts can’t compensate for critical vulnerabilities. When evaluating router vendors, check to see whether they will supply patches and how frequently security software updates are made—infrequent patching habits can make your router a serious target.
Compartmentalize your routers on a VPN
Failing to separate your networks is risky. When a cybercriminal gains control of an IoT device on a shared network, they can seamlessly navigate your company’s systems and steal data. Using a VPN to segregate your routers from other endpoints, like personal computers and mobile devices, can help protect your data.
Configure advanced settings
Most new enterprise routers offer built-in firewall protections, including advanced settings for port forwarding and port filtering. Using these port settings can enable your organization to block malicious traffic patterns associated with DDoS attempts. Employ expert third-party assistance if necessary, as misconfigured port settings can be a huge source of vulnerabilities.
3 initiatives for IoT security
Security isn’t just an IT responsibility. Company leadership should also support initiatives to improve the security of routers and other frequently targeted endpoints, like printers.
Adopt a framework
Chances are good that your IT security team is overworked and overwhelmed by the task of managing tens of thousands of endpoints. Adopting a formal framework can simplify IoT security and cyber hygiene and provide shared goals for the security team and executive leadership. One framework for organizing your efforts is the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) approach, which includes four phases:
- Phase 1: “What is on the Network?”
- Phase 2: “Who is on the Network?”
- Phase 3: “What is Happening on the Network?”
- Phase 4: “How is Data Protected?”
While these questions might seem elementary, taking a systematic approach to your security strategy can help you ensure that all your bases are covered.
Every IoT device on your network is a potential attack vector. If your security team doesn’t know what’s on the network, they can’t defend against threats. Automate endpoint visibility with centralized endpoint-management tools so you can easily see what’s on your networks across the organization and identify the riskiest routers.
Refresh your hardware
Work to understand which routers are a source of risk and whether these devices require smarter configuration or, in some cases, replacement. You may need new routers if your devices contain well-known software vulnerabilities or are incompatible with the latest protocol for router security (WPA3).
Hackers know that routers are easy targets, and weak router security could leave your organization falling prey to data theft or unwittingly victimizing another organization if your IoT devices are hijacked by a DDoS botnet. Innovating your approach to IoT security is a company-wide effort, but it’s well worth it to close security gaps and send hackers on their way.