More IoT devices, more security threats
Around 4.8 billion devices are expected to be connected to the Internet of Things (IoT) by the end of 2019. At least that’s what Gartner analysts estimated. This represents an increase of around 21.5 percent compared to the previous year. Unfortunately, many IoT solutions do not provide more security. Quite the contrary. According to a study by the security experts of “Unit 42” of the American company Palo Alto Networks, more than half of all connected IoT devices are vulnerable to attacks.
For their investigation, the Unit 42 team analyzed 1.2 million IoT devices in thousands of physical locations in IT and healthcare organizations of companies in the United States. The results are appalling.
Medical sector particularly vulnerable
The health system in particular showed striking weaknesses in this respect. For example, around 83 percent of all medical imaging devices run on unsupported operating systems. This is an increase of 56 percent compared to 2018 and is mainly due to the fact that many devices are still running Windows 7. However, Microsoft’s operating system has reached the end of its life cycle and is no longer supported or provided with the latest security patches. Medical facilities in particular are currently particularly vulnerable to attacks that could disrupt care or expose sensitive medical information. Although the investigation only covers facilities in the USA, parallel investigations can certainly be made with other countries, e.g. Germany.
- 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network and allowing attackers to eavesdrop on unencrypted network traffic, collect personal or confidential information, and then exploit this data profitably on the dark web.
- 51% of all threats in the healthcare sector affect imaging devices, disrupting the quality of care and allowing attackers to exfiltrate patient data stored on these devices.
- 72% of healthcare VLANs mix IoT and IT resources, allowing malware to spread from users’ computers to vulnerable IoT devices on the same network.
The threats target IoT devices and use sophisticated techniques such as peer-to-peer command and control communications or worm-like self-proliferation capabilities. Combined with weak device and network security, attackers often have the opportunity to compromise IoT systems.
IoT devices mostly door openers for further attacks
The IoT devices are usually only used by attackers as door openers to access other systems in the connected network from there. This is a real horror for system administrators. The webcam, printer or any other carelessly installed device becomes a gateway into the systems.
The experts therefore strongly recommend registering all connected devices in the corporate network and checking them for current patches or standard passwords. In addition, devices within networks should be operated in a segmented manner. Last but not least, active monitoring of the data traffic of all connected devices is recommended in order to detect unusual behavior at an early stage.