Are You Sitting on an Enterprise Device Security Time Bomb?
Enterprises regularly face the challenge of securing conventional IT assets, such as computers and phones. However, their threat landscape has extended beyond traditional IT assets and into the domain of connected devices: IP cameras, printers, and just about any device that has the potential to connect to the network.
This growing domain poses a significant challenge for enterprises. The main reason for this is that as the number of connected devices continues to grow, so too does the attack surface that accompanies them. Despite the plethora of benefits connected devices offer across industries, their innovation comes at a potentially high cost to your enterprise’s security.
Palo Alto Networks’ 2020 Unit 42 IoT Threat Report sheds light on the declining security posture of IoT devices, the current challenges enterprises face with securing threats originating from these IoT devices, and which IoT devices are the most susceptible to attacks. In this blog post, we’ll be discussing what we perceive as the main takeaways from this report and what we think enterprises need to focus on to secure networks and assets.
A Growing Field, a Growing Problem
The IoT device industry has been growing exponentially over the past couple of years, a trend that has no end in sight. In 2020, there were 9.9 billion IoT devices installed, and this number is predicted to reach 21.5 billion by the year 2025! Today, IoT devices make up more than 30% of the network-connected endpoints at the average enterprise, leaving enterprises with a significant enterprise device security problem.
According to Palo Alto’s report, 98% of IoT traffic is unencrypted, allowing hackers who have successfully bypassed an enterprise’s first layer of security and established command and control to easily listen to unencrypted network traffic. This means that sensitive and confidential information on the network is readily available for hackers to use and exploit. Even more worrisome is that 57% of IoT devices are vulnerable to medium- or high-severity attacks, which gives attackers an easy opportunity to make your enterprise the victim of the next large-scale attack.
Enterprise Device Security Challenges in the Realm of IoT Security
Enterprises face a few major challenges when it comes to their enterprise device security. One of those challenges is that their currently deployed tools do not support IoT devices. Frequently, enterprises turn to agents for their endpoint protection systems. However, most IoT devices run on obsolete operating systems that do not support running an agent. Without this ability, enterprise device security teams are unaware of their IoT devices’ risks, leaving them open for exploitation.
A second challenge is that enterprises cannot correctly identify all IoT devices in their network. Without proper identification of these devices, security teams cannot accurately secure them (they cannot protect what they cannot see) and risk jeopardizing their enterprise network security.
A Device Security Time Bomb
IoT Threat Trends
Without the proper enterprise device security methods in place, IoT devices’ vulnerabilities are easily exploited. According to the report, 41% of attacks that take place occur through device vulnerabilities. To make matters worse, most hackers don’t stop at the device level but can then leverage this vulnerability to gain access to, and attack, other systems in the network.
Faulty Passwords Leading to Attack
Hackers often carry out password-related attacks that take advantage of weak or default passwords used by manufacturers and the poor security practices surrounding them.
Unsupported Software and Operating Systems
Security systems heavily rely on patching through security updates to keep their enterprise security up to par and protect their systems and networks from attack. IoT devices often run on unsupported software and operating systems reaching their end-of-life (EOL), which makes patching the devices impossible because security updates are no longer available.
IoT devices running on EOL operating systems are vulnerable to old and well-known exploits because they cannot receive security updates against them. Scarily, 83% of medical imaging devices have this very problem of EOL and unsupported operating systems.
Zero-Day Vulnerabilities Go Undiscovered
One of the major challenges CISOs face is their current vulnerability management solutions’ inability to identify zero-day vulnerabilities. If these vulnerabilities go undetected, enterprises’ corporate networks are open to a whole array of unknown attacks. That’s what happened when two zero-day vulnerabilities were discovered in Cisco routers, allowing hackers to remotely gain access to the devices and crash their security processes. This type of attack can have serious repercussions on an enterprise.
Even more worrisome is that known vulnerabilities are slipping between the cracks, because of the incompatibility of connected devices with existing vulnerability management solutions. Oftentimes, these implemented solutions require connected devices to undergo a client or agent installation to ensure connected device security. However, the overwhelming majority of connected devices are unable to undergo these installations, leaving known vulnerabilities undetected.
No Prioritization of Connected Devices to Secure
Most vulnerability management solutions provide CISOs and security teams with long lists of network vulnerabilities. Unfortunately, the list does not prioritize vulnerabilities based on their location in the network or their importance to business processes.
Without this crucial information, CISOs have no way to differentiate between critical devices that are crucial to business operations and need immediate mitigation, and those that are rated as critical but are actually of lower importance to business processes and do not require immediate mitigation.
Mitigation of Connected Device Vulnerabilities
CISOs receive an exhausting list of vulnerabilities, and their security teams spend a grueling amount of time manually implementing mitigation measures for found vulnerabilities. Without an automated solution, security teams cannot possibly mitigate all critical vulnerabilities in a timely manner, leaving their enterprise’s networks open to attack and their connected device security ineffective in the long term.
Multiple Tools for Connected Device Security
There currently is no one tool that can support all types of connected devices, which leaves CISOs juggling multiple tools to stay on top of the security issues of all of their connected devices. Using multiple tools for connected device security is not only inefficient and expensive, but also allows for certain devices to slip between the cracks.
Current market solutions only identify attacks taking place after an attacker has managed to infiltrate the corporate network. These attacks can go undetected for months, resulting in vast damages to the corporation. With reactive solutions, CISOs are struggling to stay ahead of attacks, and desperately need a predictive solution that enables them to avoid future ones.
ArcusTeam’s Take on It All
With the growing threat of connected devices, enterprises need a centralized solution now more than ever to help them safeguard their networks from attacks and effectively manage device vulnerabilities.
ArcusTeam’s EDGE platform offers enterprises a proactive approach to their enterprise device security. In a single platform, EDGE continuously predicts, identifies, assesses, prioritizes, and mitigates any potential cyber threats – before they threaten your connected networks. With EDGE, your enterprise can get all the benefits from your connected devices, but without all the risk.