sb-eu logo
Story image

COVID-19: How analysis of IoT devices highlights our changing behaviour

07 May 2020

The behaviour of consumers and enterprises alike has changed drastically and in many ways in the wake of the COVID-19 pandemic – and through analysis of connected devices, including Internet of Things (IoT) devices, rich insight can be gleaned into changing the way we interact with our devices.

ExtraHop has today issued a report detailing such changes, with warnings that connected devices, both those used by employees at home and those left idle but connected to the office network, can pose serious security risks to enterprises.

Using aggregate data from across its global user base, ExtraHop analysed business-related device activity during a one week period at the end of March 2020, which was compared to activity from a similar study of the same global user base conducted in November last year. 

The results reveal not only patterns that illuminate the state of work during the COVID-19 crisis, but also the long-term security implications of a distributed workforce.
 

Key findings

Unsurprisingly, there was a 65% decline in the number of laptops and a nearly 70% decline in the number of smartphones connecting directly to corporate networks in March 2020. 

However, employees are still accessing corporate resources, often relying on questionably secure local networks that lack the safeguards of the office network and thus are more exposed to malware.

The report also revealed that the number of connected IP phones declined by just 7.5%, indicating that many of these devices remain on and connected even when no one is using them. 

Almost 25% of those VoIP devices are Cisco IP phones, for which a critical vulnerability (CVE-2020-3161) was announced in April.

Printers – at high risk for vulnerabilities and one of the most common targets of hackers – showed even smaller declines in connectivity, dropping by just 0.53%.

Organisations seem to be taking more precautions than before against physical intrusion, with the report revealing connections from security cameras increased by 47% in March.

Security cameras, like IP phones and printers, often have vulnerabilities and have been observed phoning data home.

“The almost overnight shift to remote work required a massive effort just to ensure the availability of applications and critical resources for employees outside the office,” says ExtraHop vice president, cloud and security solutions Sri Sundaralingam. 

“For many organisations, the management of IoT and other connected devices may have been an afterthought, or at least something they didn’t anticipate having to handle long term. 

“As availability and security issues surrounding remote access become more settled, this needs to be an area of focus.”

Story image
Beware of these six L7 DDoS attacks
As more services are migrating online, DDoS attacks are increasingly shifting away from the network layer, and into the application layer, writes Radware product marketing manager Eyal Arazi.More
Story image
Tanium and Google Cloud bring greater security to distributed IT
“This joint solution with Chronicle gives Tanium customers access to massively scalable analytics and investigation capabilities far beyond that of other endpoint detection and response point tools."More
Story image
DDoS attacks bigger & more prevalent in Q2 2020 - Cloudflare report
Cloudflare recorded the ‘biggest ever’ attacks – 88% of all large (100 Gbps) attacks this year were launched after the lockdown period in March.More
Story image
DDoS attacks spike thanks to COVID-19 lockdowns, Kaspersky finds
Kaspersky experts believe the rise in malicious activity can be attributed to the impact of COVID-19, as both cybercriminals and their targets have had to reconsider their holiday plans. More
Story image
Distributed workforces pose new challenges for information management
“Collaboration can be stymied, mistakes can be made, and organisations can suffer data breaches if they don’t immediately address the issue of how employees are accessing and sharing information while working remotely.”More
Story image
SentinelOne signs Netpoleon as security distributor in Asia Pacific Japan
“Working with a partner that understands our needs and can provide access and reach across a diverse region with strong security expertise, makes partnering with Netpoleon compelling and a logical choice for our next phase of growth."More