Rapid changes in how Internet of Things (IoT) devices around us interact with each other have created a landscape defined by unprecedented security vulnerabilities. There are three main security concerns with them and some possible fixes.
In December 2020, Forescout identified 33 vulnerabilities impacting four open source TCP/IP stacks. These are used by millions of devices around the world. They allow attackers to target a smart home or an automated industrial environment and use nearly any device as an entry point into the network.
According to IBM, the average cost of a data breach is just under $4 million, and it takes organizations an average of 280 days to identify and contain a breach. Meanwhile, the destructive potential of botnets has grown over the past few years. They propagate malware, mount distributed denial-of-service (DDoS) attacks, and spread disinformation on social media.
Problem 1: Unsecured API Connections Application programming interfaces are widely used for devices to communicate with one another but are rarely built with robust security. For instance, when a data analyst directly accesses a database, most security systems will log that user's name and role. But an external user may not have to offer those credentials. So, two log entries can be as such:
● John_Smith: Data Analyst – 172.20.118.97
● App_User: Service Account – 172.20.0.159
Only one of these gives you useful information about the user's identity. If your smart devices and IoT equipment don't collect useful data, you lack edge-to-end network visibility.
Cyb ..
Support the originator by clicking the read the rest link below.
