sb-eu logo
Story image

IoT devices more at risk of cyber attack than ever - report

17 Mar 2020

Internet of Things (IoT) devices are one of the fastest-growing emerging technologies in the digital transformation sphere – by the end of 2019, 4.8 billion IoT endpoints were expected to be in use, an increase of 21.5% from 2018, according to Gartner.

But, as with almost all emerging technologies, there comes with it an associated cybersecurity risk.

Unit 42, the threat intelligence team of Palo Alto Networks, recently analysed 1.2 million IoT devices in thousands of physical locations across enterprise IT and healthcare organisations in the United States. 

The 2020 Unit 42 IoT Threat Report found the general security posture of IoT devices is declining, leaving organisations vulnerable to new IoT-targeted malware as well as older attack techniques that IT teams have long forgotten.

Among the most disturbing discoveries: 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network. 

This potentially allows attackers the ability to listen to unencrypted network traffic, collect personal or confidential information, then exploit that data for profit on the dark web.

The report also revealed 83% of medical imaging devices are running on unsupported operating systems. 

This reflects a 56% jump from 2018, mostly due to the Windows 7 operating system reaching its end of life. 

This left hospital and other health organisations vulnerable to attacks that can disrupt care or expose sensitive medical information.

Other key findings:

51% of threats for healthcare organisations involved imaging devices, disrupting the quality of care and allowing attackers to exfiltrate patient data stored on these devices.

72% of healthcare virtual local area networks (VLANs) mix IoT and IT assets, allowing malware to spread from users’ computers to vulnerable IoT devices on the same network.

New techniques, such as peer-to-peer command and worm-like features for self-propagation, are coming to light, threatening to infect IoT devices without prejudice.

57% of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers, according to Unit 42.

41% of attacks exploit device vulnerabilities, as IT-borne attacks scan through network-connected devices in an attempt to exploit known weaknesses.

Unit 42 also found that, while the vulnerability of IoT devices make them easy targets, they are most often used as a stepping stone to attack other systems on the network. 

Furthermore, Unit 42 found password-related attacks continue to be prevalent on IoT devices due to weak manufacturer-set passwords and poor password security practices.

Increasingly, malware is being used to enable attackers to run malicious code to conduct new attacks. 

This is becoming the new focus of cyber criminals’ attacks, shifting from their previous motivation of running botnets to conduct DDoS attacks via IoT devices.

In light of the new and novel cyber threats facing new IoT devices, Unit 42 recommends adhering to the following steps to minimise risk:

  • Know your risk. Discover IoT devices on the network
  • Patch printers and other easily patchable devices
  • Segment IoT devices across VLANs
  • Enable active monitoring.
Story image
WatchGuard rolls out updates to bring greater security to MSPs
"WatchGuard Cloud’s continued evolution is lowering the barrier to entry for MSPs to add security to their portfolios and solidifying it as the management platform of choice for the security channel.”More
Story image
Kaseya acquires RocketCyber to bring SOC solutions to more businesses
"With this acquisition, we've doubled down on our security investments to provide our customers with access to experts who can continuously monitoring their IT environments without the cost and complexity of disparate tools.”More
Story image
Y Soft adds to identity verification solution portfolio
Y Soft is adding to its portfolio of identity verification solutions with the release of a new secure identity verification for networked printers.More
Story image
Quantum extends Veeam partnership in a bid to protect against ransomware
“Quantum continues to expand its partnership with us and we are pleased to add ActiveScale object storage to a select group of S3 targets that can provide robust ransomware protection for our joint customers."More
Link image
Why strong authentication is passwordless in 2021
Passwordless authentication is not only good practice, it is also increasingly becoming a regulated standard. Here's why robust solutions, like True Passwordless Authentication, are the way of the future.More
Story image
Creating a strong culture of security within organisations
CISOs worldwide are inherently aware of how significant investment in cybersecurity strategies and technologies can bolster an organisation’s protection against cyberattacks. However, many overlook the importance of culture when it comes to cybersecurity.More