The number of cyberattacks targeting Internet of Things (IoT) devices is increasing and presents a growing concern for companies in virtually every industry today. According to new research from Zscaler, from May 2023 to June 2024, IoT malware attacks grew by 45% over the same period in the previous year. Experts expect this trend to persist as the total number of IoT devices continues to grow.
IoT devices are physical objects – such as security cameras, smart building management systems and thermostats, network routers, and more – that can connect to networks and the internet to collect, send, and receive data. They are embedded with specialized sensors, software, and other technologies that enable them to communicate with each other as well as other systems.
IoT Device Vulnerabilities
Yet, more often than not, IoT devices are not fully secure, making them tempting targets for cybercriminals looking to exploit device vulnerabilities and thwart a company’s cyber defenses.
Why is this the case? According to John Gallagher, Vice President at Viakoo, a provider of automated IoT cyber hygiene, the challenge is rooted in the design of IoT systems.
“Many IoT systems are built to optimize for costs, and that means IoT engineers will use general-use chipsets with custom hardware,” he says. “This leads to significant security concerns: For example, a single vulnerability in a chipset might impact hundreds of IoT device manufacturers, each needing to provide a firmware update to patch the vulnerability, which could take months or even years. Unless the IoT device manufacturer turns them off, communication methods like Bluetooth, Wi-Fi, or Zigbee might be enabled at the chip level and can be taken advantage of by threat actors.”
Who manages IoT devices – IT or operational technology (OT) teams – may also contribute to the issue. In manufacturing, energy, and industrial companies, IoT systems may fall under OT’s responsibility, which typically manages physical operations and machinery. Yet, in many cases, OT leaders often lack the specialized cybersecurity skills required to manage the unique vulnerabilities of IoT devices.
Examples of IoT Device Cyberattacks
The infamous 2016 Mirai Botnet still ranks as the largest IoT cyberattack and possibly the most well-known. Hackers successfully implemented a vulnerable IoT device and used this foothold to create an army of botnet devices to run a distributed denial of service (DDoS) attack that took down large sections of the internet for days. Industry leaders such as CNN, Netflix, Twitter, and Reddit were severely affected.
Yet more cases persist and raise new concerns. The United States recently issued a warning related to Volt Typhoon, a Chinese state-sponsored hacker group that has used IoT device attacks against critical infrastructure in the U.S. Analysts believe Volt Typhoon attempts to take control of vulnerable IoT devices to create a larger botnet it can use to target communications, energy, transportation, and water systems.
Best Practices for Securing IoT Environments
To effectively mitigate IoT-related cybersecurity risk, companies should do all they can to develop and deploy powerful security measures that can successfully defend against IoT device attack methods. Two of these best practices include network security and continuous monitoring.
- Network segmentation (or microsegmentation) is a cybersecurity approach and technology that divides the network into smaller, more isolated segments. If an IoT device is compromised and a hacker gains access to the network, administrators can limit their movement to make sure no further harm is done. “Ensuring that IoT devices are on segmented networks is critical to prevent lateral movement,” says Gallagher.
- Continuous monitoring is another critical component of a comprehensive network security strategy. Using real-time tracking and analysis of network activity, security teams are better able to detect unusual or malicious behavior as soon as it occurs, helping to prevent more damage.
Together, they provide a layered security approach. Network segmentation can reduce the total attack surface to limit the potential damage of a cyberattack while continuous monitoring provides real-time visibility into network activity to quickly detect and respond to threats.
The Future of IoT Security
As IoT adoption grows – with a possible exponential increase in the number of IoT devices – the industry will clearly need new cybersecurity strategies and tools to eliminate existing vulnerabilities. Device manufacturers are already embracing “security by design” concepts by adding more security features to their devices. Companies using IoT devices will be able to use advanced AI capabilities to power new tools to detect anomalies and respond to them in real-time. Yet one thing is clear: The future of IoT security will require a proactive, multi-layered approach consisting of prevention and rapid response.
