+44 (0)1635 298021 Get in Touch Support
Qolcom

Blog IoT – The New Attack Surface

Whether as part of a connected smart building using multiple sensor arrays, or an automated factory production line, the use of IoT has seen a massive explosion in recent years and it’s not about to slow down, with 75 billion connected devices predicted by 2025.

These devices are often left vulnerable due to poorly implemented software, or simply not enough attention paid to installing them in a secure manner. They present a very large attack surface for hackers to target which have led to some highly publicised attacks that are notable either by their boldness or weirdness, such as the hack of a Casino’s High Rollers Database through an aquarium thermostat, to the thousands of Wi-Fi enabled dolls that can be turned into surveillance devices within your home.

For businesses, these IoT devices pose a very real threat with the potential of direct attacks on a device vulnerabilities. Devices can be turned into bad actors from within an assumed secure network, able to attacks on the communication channels between devices to mine data. So, how can IoT be secured?

Any device that is being connected to a network must be configured with security in mind. Wherever possible, default passwords should be changed and only secure methods of remote connectivity should be used. Consider direct physical attack also, and if a device has no method of protecting external interfaces, install it in a secure location or hidden behind a panel.

The network should have the ability to confidently identify an IoT device type so that it can be categorised correctly. This categorisation will allow for a network policy to be applied, ensuring that the devices access is appropriately restricted, therefore if a device is successfully compromised and controlled, the damage it can inflict is minimal.

Finally, constant monitoring of the behaviour of these IoT devices is key. Understanding what normal behaviour looks like and then using automated, machine learning tools, to identify and address risky behaviour is the last line of defence for unsecured IoT devices.

In short, an organisation’s IoT security strategy should be built on the assumption of compromise and all measures need to be taken to prevent it in the first instance, and to identify it quickly when it does occur.

Related News & Insights

Press Release

Qolcom achieves Cradlepoint 5G for Enterprise Branch Specialisation

United Kingdom – 16th June 2022 – Qolcom, a specialist Wireless WAN as a Service provider today announced that it has achieved 5G for Enterprise Branch Specialisation from Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network edge solutions. The 5G for Enterprise Branch Specialisation identifies and recognises partner organisations that are leaders … Continued
Read now

News

Health Tech Awards

Qolcom are delighted to have been awarded Partnership of the Year at the Health Tech Awards for our project with Aruba, a Hewlett Packard Enterprise company and NHS Nightingale Hospital Exeter! Read the full story here: https://bit.ly/3D7KqcC
Read now

News

Qolcom Nursing Scholarships

QOLCOM are delighted to partner with Northumbria University and proud to pledge our support to provide two annual Nursing scholarships for the next three years. “QOLCOM’s predominant sectors are Higher Education and the NHS. Therefore, these scholarships ensure we combine our expertise in these sectors and proactively support students to enter the Nursing profession, which … Continued
Close