If you read enough tech thriller or science fiction books, you’re bound to be familiar with a super villain using some kind of technology to wreak havoc across the planet—often triggered by hacking critical internet-of-things (IoT) systems. But the fact is, not all IoT attacks lead to a dystopian hellscape, and you don’t need to immerse yourself in a novel by Dan Brown, Michael Crichton or Mark Russinovich to find these attacks. They are here today. A new report from Armis shows that these attacks are already occurring with increasing frequency and incurring real-world consequences for companies and customers right now.
The IoT Threat Landscape
You don’t have to take my word for it, though—or Armis’ word, for that matter. The report cites survey data from IDC that found 46 percent of organizations claim to have experienced a breach or security incident associated with IoT.
7 IoT Exploits illustrates that IoT attacks are happening and describes their real-world impact. The report explains, “The conversation about IoT attacks often revolves around doomsday scenarios that seem highly implausible outside of a James Bond movie. The reality, however, is that IoT attacks are happening all the time—possibly on your network—and most companies are not prepared to defend against them because traditional security products can’t provide the visibility necessary to detect IoT threats.”
As the name of the report implies, 7 IoT Exploits walks through seven real stories of unmanaged devices in the enterprise being compromised and causing actual damage and economic consequences for the organizations involved. The report also stresses why traditional network and endpoint security tools are not equipped to detect or defend IoT devices against these attacks.
Real World IoT Attacks
The scenarios in the report are actual examples of exploits that have been identified by Armis. One thing that seems to be common among all seven examples is that they are attacks against devices that exist at most organizations and don’t look at first glance like they represent a significant security concern.
There is a scenario of a tablet used to manage the audio and visual systems in a conference room. Armis detected that one of the tablets was eavesdropping on meetings in the Boardroom and streaming video to an external endpoint.
In another case, Armis discovered a smart TV in a customer’s conference room was infected with malware that was trying to connect to other available devices to infect them as well and spread across the network. There are scenarios where connected security cameras were infected and used as part of a malicious botnet, or an MRI machine compromised by the WannaCry ransomware, or where attackers could potentially cause catastrophic damage through vulnerable devices in a gas distribution facility.
In each case, the customer in question followed standard security best practices and employed the traditional network defense you expect—firewalls, intrusion detection, etc. However, in each scenario, when Armis came in and performed its initial device discovery, there were concerning, and potentially scary issues discovered.
Traditional Security Is Not Enough
The IDC survey referenced in the Armis report also found that 70 percent of the organizations that experienced a breach or security incident associated with IoT also reported that the incident was more costly than a traditional data breach. IoT is here to stay and growing exponentially. With billions of connected, unmanaged devices out there, it’s vital to ensure cyberattacks against them can be detected and blocked.
Check out the full report to learn more: 7 IoT Exploits: Real Stories of Unmanaged Devices in the Enterprise.