The Need for a “TSA” for IoT Devices


It wasn’t too long ago that upon checking in for a flight, you would typically be asked, “Have your belongings been in your control at all times and has anyone asked you to carry something for them?” Most of us answer “Yes” to the first part and “No” to the second part of these questions. In the world of the Internet of Things (IoT), it is not always that simple. To be in control of these devices at all times is a large responsibility – breaches can expose these devices to malware and other security incidents. In the best of times, managing IoT security is already a daunting task for most organizations. The ever-expanding security perimeter with hundreds, or perhaps thousands, of IoT devices brings added management systems, overhead and security risks as areas of concern. Now, the COVID-19 pandemic has changed many fundamental aspects of how corporate networks are operating.

In the last 90 days, the number of remote workers has increased dramatically, with many industries reporting that over 50% of their workforces are now remotely accessing corporate resources. With this expanded remote workforce, corporate networks are exposed to more security issues from consumer-grade IoT devices on home networks, which in turn are connected to an organization’s network over VPN connections. In many instances, home users do not adhere to strict security guidelines, and numerous IoT-enabled devices such as cameras, smart switches, smart light bulbs, and more are deployed without much thought given to security (e.g. users are not changing default passwords). Additionally, in many cases, these devices were not developed with security in mind (for example, without implementing Transport Layer Security (TLS) encryption for firmware upgrades), or were simply sold en masse with little regard for security-hardened embedded software for safe 24/7 operation.

Not surprisingly, in addition to the expanded remote workforce, this pandemic has also seen an increase in hacker activity. Zscaler, a security monitoring solutions provider, has seen an increase of 15% each month since the start of 2020, and as recently as March an increase of 20% in data breach incidents. Hackers are taking advantage of weaker and/or lacking security policies used by remote employees. These security measures are needed to protect networks from rogue actors, but in reality, are being used as conduits into a company’s infrastructure.

Attackers are always looking for more ways to breach infrastructures of all types, whether it be for vandalism, the glory of the kill, or monetary extortion. But one thing is for certain – threat vectors will always be evolving. Smart cities are deploying thousands of IoT devices that extend the security perimeter. Targets even include “smart” trash cans that indicate when they need servicing, parking pay stations, and more critical infrastructure such as lighting and traffic signaling, where a breach can actually lead to life-or-death consequences.

The COVID-19 pandemic is exacerbating a security situation that already existed. An organization’s Operational Technology (OT) and IoT security are only as good as its weakest links. Companies must be sound in their security practices and proactive in threat visibility and discovery, training their staff and following best practices to align with today’s growing threats. They must be cognizant of all threats, including those that involve social engineering, spear phishing and many other techniques, in order to be better prepared and respond to security incidents in a proactive manner.