Ransomware and the Internet of Things

Version imprimable, PDF et e-mail

Dark Reading has an article on the potentially catastrophic effects of an Internet of Things (IoT) Ransomware attack. Moving beyond things like cameras, DVRs, smart toys for the kids, and other consumer level devices, the Internet of Things is home to some powerful and significant systems. Public school security, hospital medical devices, building HVAC systems, city street lights … all of these can be found on the Internet of Things. What happens when a criminal holds them for ransom?

Most businesses can trust their IT professionals to give them the best security possible with the resources available. The problem is that there are multiple layers of challenges to IoT security:

  • Multiple vendors and device types bring multiple management points and various security baselines
  • The Internet of Things is similar to BYOD and remains uncontrolled in many companies
  • Criminals often have more resources than the IT staff of an SMB or K12 organization
  • Security for IoT devices is often thought of after deployment
  • Many device passwords are never changed, and some are hard-coded and cannot be changed
  • There is no simple way to apply patches to all devices

With all of that and more in the mix, how can a company protect its network?

The first thing should be to establish controls on the company network. Who can add a device to the network? The person in charge of the environmental controls and smart thermostats doesn't have to be the person who is securing them. Assign the responsibility to someone who is capable of evaluating the security of the devices as well as how those devices will impact the network.

Create and follow minimum security standards. Disable the default credentials, create a new user for the device administrator. Close unused ports and disable unused services.

Take advantage of the security features on the devices. For example, Nest just added optional two-factor authentication to its products. It may be a nuisance to take the extra couple of steps to log into a camera or a thermostat, but it's worth it to secure these devices.

Organize the management of these devices as much as possible:

• Inventory the network, document the approved devices, remove the devices that are not necessary and approved
• Set up the management of remaining devices in a single ‘pane of glass' if possible
• Schedule recurring update checks on all of the devices and install updates as needed
• Document and keep copies of any custom configurations of your devices

Secure the devices with a perimeter firewall, just like you would any endpoint on your network. Look into additional network security specifically for these smart devices, if necessary. Barracuda offers a family of NextGen Firewalls that can protect a single office or a central office with multiple branch offices and IoT endpoints. The Barracuda NextGen Firewalls F-Series is a family of hardware, virtual, and cloud-based appliances designed to secure intelligent perimeters and dispersed network infrastructures. The F-Series cloud-ready firewalls offer a suite of powerful and robust features, including the capability to secure Machine-2-Machine connectivity and the Internet of Things.

Maintaining reliable backups is key to recovering data from a ransomware attack. Even if you do not have data stored on your devices, you will experience downtime and probably some frustration if you have to reset all of your devices from memory. Your documentation and organization will be very helpful if your devices are hijacked.

If you would like more information on ransomware, follow our blog here, and see our corporate ransomware website here.

For more on how Barracuda can help you secure your endpoints on the Internet of Things, see our IoT & Machine-2-Machine connectivity website here.

Remonter en haut de page