Johannesburg, 30 Nov 2023
On average, a ransomware attack in 2022 took 237 days to identify and 89 days to contain – 49 days longer than the average data breach. It's like discovering a hidden leak in your newly remodelled kitchen after your contractor was long gone. Just as the late detection of a kitchen leak can leave extensive water damage and a hefty repair bill, a delay in identifying ransomware breaches can wreak havoc on an enterprise's digital infrastructure and bottom line.
IOT devices, such as video surveillance cameras and ATMs, are to blame for many of these kinds of attacks. They not only expand a business's attack surface but can also act as entry points to the corporate network and be easily exploited. With an increasing reliance on IOT, enterprises need secure IOT tunnelling that locks down communication and provides network access to only trusted users.
Let’s explore IOT tunnelling – a vital upgrade in one’s digital security blueprint, ensuring vulnerabilities are spotted before they turn into digital floods.
Why do IOT devices pose more security risks?
Sometimes called “headless” devices, IOT devices are a prime target for security threats due to their basic hardware and communication protocols. They typically require a simple password for access, have one primary function and don’t have the processing power to incorporate onboard security. Think of video surveillance cameras placed around a building, where the device’s sole purpose is to record video – security isn’t really its forte.
To put things into perspective, say a bad actor gains access to the network through an IOT device due to an exposed internet protocol (IP) address, because they’ve compromised that device, they can now move laterally to other parts of the network. This can happen over the course of months, as hackers cautiously work to determine network topology. Eventually, they’ll find what they came for, putting the entire network at risk. A real-world example of this is the massive 2013 breach where a malicious actor gained access to payment data for millions of customers through a third-party managed HVAC system.
Accessing a wired or fibre connection for a remote IOT device isn't always a straightforward task. Take, for instance, smart cities with abundant fibre connectivity. Often, that connectivity is allocated to enable essential infrastructure like traffic controllers. However, the process of digging trenches to lay fibre underground and running it up utility poles is costly and disruptive to traffic operations. 5G has made connecting IOT devices easy, fuelling a surge in their adoption by enterprise businesses. IT teams can now quickly and seamlessly connect dispersed IOT devices in locations where fibre isn’t the best option. 5G delivers faster, more reliable, low-latency connectivity, enabling real-time data processing and applications that weren’t possible with older technologies.
What factors should an enterprise consider when improving the security of IOT devices?
Because of the inherent security risk IOT devices bring, it’s important for enterprises to take the right steps to secure their connections. A few factors to keep in mind:
Hidden IP addresses
Enterprises are more vulnerable to data and resource loss when their IP addresses are publicly exposed, and securing traffic over the WAN via encryption is imperative for those utilising a public cellular network. While a traditional virtual private network (VPN) can establish secure, encrypted connections over public networks, it falls short in protecting IP addresses. Using a solution based on zero trust principles conceals these IP addresses to prevent network topology discovery and lateral movement.
Denial by default with zero trust
A zero trust security model challenges the traditional notion of trust within a network. Instead of assuming that everything inside a network is trusted by default, it operates on the principle that no user is trusted and must be continually verified, regardless of the location of the user or device. Zero trust IOT protection ensures IOT devices don’t have any more access than is absolutely necessary and can only communicate with authorised hosts.
What sets IOT apart from standard user access is its inherent simplicity. A video camera may primarily communicate with a video management system (VMS) while transmitting a live feed to a real-time monitoring station. The camera's communication needs are limited, and zero trust tunnels help secure this by restricting communication to only those essential applications, ensuring that the camera interacts with nothing else.
Secure third-party access
Enterprise IOT security risks are further amplified when third-party contractors and suppliers enter the picture. Often, they need access to the network for set up, troubleshooting, management, and operation of these IOT devices, so securing IOT remote access is critical.
With a ZTNA solution, businesses can manage user-to-IOT connections and provide simple and safe access to only the systems on the WAN they are authorised to access without having any visibility or access to anything else.
How IOT tunnelling enhances network security
To minimise the risk of an attack, organisations should create a network environment that aids in the protection of their IOT devices.
With the right solution in place, businesses can create secure tunnels for their IOT routers for locked-down communication, minimising the risk of a lateral attack. By switching from a VPN to a network built on zero trust principles, such as Cradlepoint’s NetCloud Exchange (NCX) Secure Connect, organisations can easily deploy and scale secure zero trust tunnels for IOT routers, enabling end-to-end encrypted communications.