Addressing the Growing IoT Risks to the Enterprise
Many organizations aren’t keeping up with key IoT security requirements, and hackers are increasingly planting backdoors to launch automated IoT botnet attacks.
6.4 billion IoT devices currently exist, and that figure is projected to rise to 20 billion by 2020. 65% of enterprises are actively deploying IoT technologies.
Many security systems use proprietary RF technology that lacks authentication and encryption. Many also fail to use frequency hopping, which protects against jamming and spoofing.
HVAC systems typically operate on the same network as internal systems. Thus, hackers can intercept data, escalate privilege and carry out attacks. They can also manipulate controls.
Without physical access, hackers can compromise printers to siphon their private documents. They also can gain administrative control of the printer.
These devices can be subject to remote snooping and, in some cases, the speakerphone can be switched on without the knowledge of the user.
Lax certificate checking and other vulnerabilities open the door to a man-in-the-middle attack to intercept communications and modify traffic between a client and server.
These devices, which rely on mesh networks, can be sniffed by attackers. They can extract password-protected WiFi credentials and other data.
Attackers can use the internet—as well as wireless communication protocols like WiFi, Bluetooth and ZigBee—to spread an infection. Any network within wireless range is susceptible.
Discover and classify all devices at the time they are connected
Control network access based on device type and behavior
Integrate islands of security and leverage existing investments
Security teams should consider a comprehensive and agentless approach that delivers real-time visibility into devices, while eliminating the need for constant re-deployment of security controls.