Today’s highly competitive and hyper-connected digital marketplace is driving new trends in networking and security, including the rapid adoption of cloud services and IoT devices. These two elements of digital transformation, while seemingly quite different in scope and purpose, are actually symbiotic in nature. This relationship can have a significant impact on how they are deployed, used and secured.
One of the hallmarks of IoT devices is their ability to generate massive amounts of data that must be transmitted, analyzed and stored. For example, IoT-based inventory controls that track consumer buying trends enable manufacturers to ensure the availability of particularly popular items.
Proactive maintenance is another use case. For example, data from IoT sensors on a factory production floor can identify things such as signs of stress in a manufacturing platform that must be addressed before a failure shuts down a million-dollar production line.
In many circumstances, the huge volume of data being collected has already overwhelmed local resources. To deal with this challenge, organizations are building highly scalable cloud data centers to store and manage data, along with high-performance computing infrastructures designed to mine that data for critical information. This all can provide organizations with data-driven decisions for better business outcomes and customer experiences.
IoT devices and cloud connections expand the attack surface
As many organizations adopt IoT devices by the thousands, one of the most common security threats is IoT botnets that can be directed to perform malicious tasks, such as Distributed Denial of Service (DDoS) attacks. For example, Mirai — perhaps the most notorious IoT-targeted malware — managed to cause massive disruptions after infecting tens of thousands of IoT devices.
However, DDoS and related ransomware attacks are only part of the issue. Compromised IoT devices can also be used to intercept data such as user credentials, drop malware into networks to infect devices and disrupt business, and even carry out very specific commands delivered by their botnet controllers. Last year, half of the top 12 global exploits targeted IoT devices, according to a Fortinet Threat Landscape Report.
Because many IoT devices have processing capabilities but little in the way of security, they have become a preferred target for cybercriminals. An expanding attack surface fueled by the rapid adoption of IoT adds greater complexity and makes the difficult job of securing networks even more challenging.
Indeed, many of these IoT devices were built quickly using junk code for communications that was copied from other devices. Some were designed without security in mind at all, leaving them ripe for exploitation. And far too many of them are headless, which means they cannot be updated or patched even when a vulnerability is detected.
The unique risks of an IoT-Cloud environment
At the core of this problem are the millions of connections between IoT devices and the cloud. Every time a new IoT device needs to connect to the cloud, another possible access point into an enterprise’s network is created and the potential for a serious security incident is compounded.
As a result, your IoT and cloud security strategies should not be considered separately. Instead, like all of your edge solutions, your IoT security strategy needs to be in sync with your cloud strategy at a fundamental level.
Compromised IoT devices can deliver malware across the network to infect other IoT devices, as well as into an enterprise’s public and private clouds to compromise applications and data. Other systems that mine that data for information can then be infected, creating a conduit for infecting applications and data that can then be distributed back into the main corporate network and even out to customers.
It’s easy to see how swarms of compromised IoT devices with direct connections to your cloud environment can wreak unprecedented levels of havoc.
Securing IoT and cloud connections
Securing the connections between your IoT devices and cloud environment requires the following:
- Robust vulnerability management. This ensures that as many IoT devices as possible are identified and receive the updates, patches or hardening they need to defend themselves against attack.
- Compensating controls. These controls must be implemented to mitigate the risk from devices that can’t be updated. Proximity devices, such as firewall and IPS systems, should be used to ensure any data moving between IoT devices and the cloud is inspected. Behavioral-based detection should also be used to identify any anomalous traffic, such as communications to and from botnet command and control centers.
- Encryption. This should be used wherever practical to ensure the confidentiality and integrity of information.
- Hardened security at the cloud edge. Since not every IoT device is delivering data from inside a secured environment, the cloud network also needs to be hardened. Security tools at the cloud edge need to be in place to filter and inspect traffic for malware, as well as to prevent things such as DDoS attacks. At the same time, security tools also need to inspect traffic moving in all directions within the cloud.
- Integration and automation. All of the policies governing these security tools, as well as the correlation of any security event information they gather, need to be managed inside a single, integrated management platform that can ensure event correlation, consistency in functionality, configuration delivery and policy enforcement all through a single pane of glass.
- Security plus performance. Security platforms need to be carefully selected for their ability to function consistently in different environments and in different form factors. And whether they are deployed as an appliance or a virtual instance, they also need to be able to process massive amounts of data without slowing down critical data collection and processing. No organization should ever be forced to choose between security and performance.
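An added example (not part of the original article) of the behavioral detection described under compensating controls: it learns which cloud endpoints each IoT device normally talks to, then flags traffic to any other destination and marks regularly timed call-backs as beacon-like. Device names, hosts, flow records and thresholds are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flows: (epoch_seconds, device_id, destination, dst_port).
# Device names and hosts are hypothetical (.example domains, TEST-NET addresses).
BASELINE_FLOWS = [
    (0, "sensor-01", "ingest.cloud.example", 8883),
    (300, "sensor-01", "ingest.cloud.example", 8883),
    (10, "camera-07", "video.cloud.example", 443),
    (900, "camera-07", "ntp.cloud.example", 123),
]
LIVE_FLOWS = [
    (1000, "sensor-01", "ingest.cloud.example", 8883),
    (1005, "camera-07", "video.cloud.example", 443),
    (1010, "camera-07", "203.0.113.50", 4444),
    (1070, "camera-07", "203.0.113.50", 4444),
    (1130, "camera-07", "203.0.113.50", 4444),
    (1190, "camera-07", "203.0.113.50", 4444),
    (1400, "sensor-01", "198.51.100.9", 443),
]

def learn_baseline(flows):
    """Record the (destination, port) pairs each device used while known-good."""
    seen = defaultdict(set)
    for _, device, dst, port in flows:
        seen[device].add((dst, port))
    return seen

def detect(baseline, flows, min_events=4, max_jitter=0.1):
    """Return alerts for off-baseline destinations; mark periodic ones as beacons."""
    times = defaultdict(list)
    for ts, device, dst, port in flows:
        if (dst, port) not in baseline.get(device, set()):
            times[(device, dst, port)].append(ts)
    alerts = []
    for (device, dst, port), stamps in sorted(times.items()):
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        # Low variation between check-ins is typical of automated call-backs.
        periodic = (len(stamps) >= min_events
                    and pstdev(gaps) <= max_jitter * mean(gaps))
        kind = "beacon-like" if periodic else "new-destination"
        alerts.append((device, dst, port, kind, len(stamps)))
    return alerts

if __name__ == "__main__":
    for alert in detect(learn_baseline(BASELINE_FLOWS), LIVE_FLOWS):
        print(alert)
```

In practice the baseline would come from firewall or flow logs collected while the devices are known to be clean, and the alerts would feed the same management platform that correlates other security events.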
Security enables organizations to take advantage of the IoT, cloud connection
IoT devices and cloud computing are helping to deliver the agility, innovation and productivity that are so critical for today’s digital enterprises. However, unless properly secured, they can also result in devastating data breaches and system compromises that can disrupt productivity and ruin brands and consumer trust. Ultimately, this could cost organizations millions in lost revenue as well as in fines and penalties.
A unified strategy that equally addresses IoT and cloud requirements, provides consistent controls and leverages critical threat intelligence in an integrated and automated fashion is the only reasonable way forward.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.