How to protect corporate IoT devices | Kaspersky official blog
Credit to Author: Hugh Aver | Date: Mon, 04 Jul 2022 16:10:36 +0000
IoT devices have long been an integral part of the technological and production processes of many modern companies. They are used in industrial facilities, in smart buildings, and in everyday office life. However, their security has always raised concerns, especially considering that many devices require access to remote systems via the Internet for firmware updates, monitoring, or management. In fact, the introduction of IoT devices into corporate infrastructure greatly increases the attack surface, and there is no way to equip every device with protective technologies.
What should IoT devices be protected from?
In general, any unprotected network device can become a foothold for further attacks on corporate infrastructure. There are several search engines that can scan ranges of IP addresses according to given parameters (analogues of the Shodan system). In theory, these are tools for researchers, but in practice they are also often used by cybercriminals, who can search for vulnerable or simply outdated IoT devices connected to the Internet. After that, everything depends on the intentions of the attackers and the specific weaknesses of the IoT device: sometimes criminals try to seize control through the web interface, sometimes they slip in a fake firmware update, and sometimes they simply disable the device. IoT botnets do something similar, infecting many IoT devices and using them for further DDoS attacks.
Another possible malicious use of IoT devices is spying. Last year, a group of hackers gained access to 150,000 IP cameras in companies, hospitals, schools, police stations and even prisons and released a number of videos. This incident shows how easy it is to look inside the premises of quite secretive organizations. But espionage is not limited solely to cameras: attackers can try to intercept data streams from a variety of devices (for example, sensors of some kind).
Industrial Internet of Things (IIoT) devices present an even more severe problem. The potential interference in the production processes of a critical infrastructure facility can lead to catastrophic consequences for both the company and the environment.
How to protect IoT devices
To secure the entire fleet of IoT or IIoT devices used in your company from cyberthreats, it is not at all necessary to isolate them from the Internet. Their communication with cloud services can be organized through a specialized security gateway. Recently we presented such a solution: the Kaspersky IoT Secure Gateway 1000.
Our gateway is able to protect IoT devices from network attacks, DDoS, MitM attacks, and other malicious activity. Kaspersky IoT Secure Gateway 1000 is built as part of a cyber immunity strategy based on our own operating system, KasperskyOS, thanks to which it is itself reliably protected from outside interference.
You can learn more about the principle of cyber immunity and the use of KasperskyOS in the Best Practice Cyber Immunity 2022 whitepaper. It also contains several real cases in which the Kaspersky IoT Secure Gateway 1000 is used to protect critical infrastructure.
Kaspersky IoT Secure Gateway 1000 is managed through the Kaspersky Security Center console, which allows network administrators to view all security events and provides specialists with information about running IoT devices. It supports Syslog and MQTT protocols to send events to external monitoring systems and cloud platforms, including Microsoft Azure, Siemens MindSphere, AWS, IBM Bluemix and others. Detailed information about the device itself, as well as about other cyber-immune developments of Kaspersky Lab, can be found on the Kaspersky IoT Infrastructure Security page.