The Internet of Things (IoT) is gaining ground. As noted by ZDNet, the number of connected devices is on par with the global population. This proliferation of endpoints will give rise to what IDG Connect called a “jobs revolution.”
But it’s not all smooth sailing. According to CSO Online, IoT devices create a kind of security “blind spot,” which opens unique avenues of attack for malicious actors. In light of this expanded threat surface, the Industrial Internet Consortium (IIC) released an “Endpoint Security Best Practices” guide to help companies transition from talking about IoT security to actively implementing effective controls.
Endpoint Protection Key to IoT Security
The rapid adoption of IoT ecosystems creates a familiar problem: companies prioritizing speed over security to be first to market. As a result, attackers are exploiting limited security controls to compromise connected systems.
Consider the increasing use of botnet-based threats that leverage insecure devices such as digital cameras and wirelessly connected sensors. In many cases, IoT security amounts to little more than recycled login and password information, enabling cybercriminals to create high-volume botnets that can compromise even robust web services. As noted by Semiconductor Engineering, the sheer volume of data processed by these devices is also on the rise, making them lucrative targets for threat actors looking to lock down or steal critical corporate information.
Even attempts to curb potential IoT security oversights often fail to strike a balance between efficacy and potential data exposure. According to Dark Reading, legislation currently under discussion in 17 states would compel original equipment manufacturer (OEMs) to share source code, operating system information and security schematic data with any product owner to assist in repairing or restoring damaged devices. The problem is that malicious actors could use these provisions to insert their own malicious code or simply purchase the products in question to gain intimate knowledge of IoT security and reverse engineer attacks.
Actionable Advice From the IIC
While these threats aren’t new, the IIC guide detailed how specific controls and countermeasures can be used to achieve defined security levels:
- Basic — This includes root of trust (RoT) protocols, which provide endpoint identity and attestation of software integrity, along with secure boot services, cryptographic services and secure communications.
- Enhanced — The next level of security adds endpoint management and configuration designed to improve control on a device-by-device basis.
- Critical — These measures include security information and event management (SIEM), which allows organizations to continuously monitor devices and respond to potential compromise attempts using contextually triggered rules.
As noted by Infosecurity Magazine, the IIC’s endpoint advice is “primarily targeted at improving the security of new endpoints,” but can also be used to improve legacy IoT devices. According to the IIC, these best practices aren’t intended as “the basis for certification or as a checklist,” but could help inform organizations as they develop their own certification protocols.