IoT under attack: Security is still not good enough on these edge devices

Most enterprises don't have visibility into the IoT devices that are being attacked by hackers who want to breach corporate IT networks.

Forgotten, unmanaged, and unpatched: How IoT devices are the door to bigger problems

With IoT botnets continuing to cause problems and attacks on critical infrastructure an ongoing menace, Microsoft has conducted research to find out whether edge network devices are a threat to enterprise systems. 

The Microsoft-commissioned survey, conducted by the Ponemon Institute, looked at Internet of Things (IoT) and Operational Technology (OT) devices and what security threats they posed to IT systems that were once separated from edge network devices. OT includes devices and software used to monitor and control industrial equipment, bringing a physical element to cybersecurity. 

The survey of 615 IT, IT security and OT security practitioners across the United States found that 51% of OT networks are connected to corporate IT networks. Microsoft details key findings in a blogpost and has released a report. 

SEE: Hackers are turning to this simple technique to install their malware on PCs

Some 88% of respondents said their business IoT devices are connected to the internet for things like cloud-printing services while 56% reported devices on their OT network were connected for remote access. 

Microsoft points to the Mozi P2P IoT botnet, which, for example, targets vulnerabilities in video recorders and other IoT products, including popular network gateways. Microsoft reckons Mozi demonstrates how business networks can be breached by compromised edge devices that were once assumed to be air-gapped from internal platforms. 

The Ponemon Institute survey found that only 29% of respondents had a complete inventory of IoT and OT devices. Most respondents (64%) had low or average confidence that their IoT devices are patched - and the same proportion admitted they did not know if the devices had been compromised.

Multiple attacks on VPN appliances over the past year have also demonstrated these can be a soft spot in enterprise and industrial networks. The US Cybersecurity and Infrastructure Agency (CISA) this week warned organizations of a new set of critical flaws in SonicWall's popular mobile remote access SMA 100 Series appliances.

The survey suggests there is awareness among IT managers since 39% of respondents said they've experienced an attack on IoT or OT devices in the past two years. Additionally, 35% said they'd experienced an incident where an IoT device was used to conduct a broader attack, such as ransomware, or to gain persistence on a network. And most respondents (63%) believe attacks on IoT/OT devices will increase significantly in coming years. 

Show Comments