Common connected IoT (Internet of Things) devices include cameras, printers, and routers. These devices often leave networks exposed to cyberattacks if they aren't properly secured. Home and office networks are not the only ones left open to attackers targeting the Internet of Things. The most sensitive infrastructure is also endangered when IoT security isn't correctly managed on the network.
Microsoft has warned that this could potentially expose entire industrial control systems. The tech giant said its researchers examined exposed IoT devices within the networks of water utility providers while monitoring threats against sensitive utilities and infrastructure. The work relied on Microsoft Defender Threat Intelligence data and so-called open-source intelligence (OSINT).
Draytek Vigor Routers are More Vulnerable Devices
The researchers searched for exposed IoT devices connected to the networks of water utility providers. They found that the facilities using Draytek Vigor routers were critically affected. The team also described exposed cameras and Wi-Fi devices. The tech giant said its team also observed attackers elsewhere using the remote code execution vulnerability.
The flaw in Draytek Vigor devices, CVE-2020-8515, was seen in connection with the deployment of the Mirai botnet. Microsoft warned that remote code execution vulnerabilities come into play once attackers gain device access. The remote code execution flaw CVE-2020-8515 enables attackers to run malicious commands on targeted devices and move laterally within the network.
Attackers can Access Unprotected Devices Within the Network
Attackers can also access other vulnerable devices within the network that weren't directly exposed to the internet, like SCADA systems. However, the company released a dedicated patch to secure Draytek routers against the vulnerability, and it has been available for around 2 years. By their nature, IoT devices often depend on their network administrators to apply updates.
Meanwhile, network administrators must apply updates on all devices within the network. Microsoft recommends 4 actions to secure and protect against possible cyberattacks. These would also ensure the security of Internet of Things devices on their connected networks. The four recommendations follow:
Four Recommendations from Microsoft
- Organizations must use an IoT-specific cybersecurity solution, implementing a comprehensive IoT and OT (operational technology) security solution. It would provide monitoring and visibility of all IoT and OT devices, including threat detection and response. This approach allows vulnerabilities to be detected and mitigated in order to protect networks against attacks.
- Enable vulnerability assessments to secure IoT devices. Regular vulnerability assessments help to discover unpatched flaws in IoT devices. The tech giant recommends applying updates to prevent attackers from executing malicious code and other harmful material. This would decrease the risk of attacks on IoT devices.
- IoT devices that don't need to face the open internet shouldn't be exposed to it. Eliminating unneeded connections to IoT devices decreases the entry points available to would-be attackers. You can also apply network segmentation so that, in the event of an IoT device being breached, it isn't feasible to move from there to industrial control systems or other infrastructure.
- Increase network security by enforcing extra security measures, including multi-factor authentication. This helps prevent attackers from accessing systems even if they hold the correct username and password. It has become essential to recognize the importance of proper security implementation around IoT and OT devices in order to ensure security against possible attacks.
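
One way to check the segmentation recommendation, as an added example that is not part of the original article or of Microsoft's guidance: treat the allowed flows between network zones as a graph and confirm that no chain of allowed flows leads from an internet-facing device to the industrial control systems. The zone names and both policies below are constructed for illustration.

```python
from collections import deque

# Constructed sample policies: each tuple is an allowed flow (source zone, destination zone).
FLAT_POLICY = [
    ("internet", "edge_router"),
    ("edge_router", "iot_cameras"),
    ("edge_router", "office_lan"),      # router can reach the office LAN
    ("office_lan", "engineering_ws"),
    ("engineering_ws", "scada"),
]
# Same network after segmentation: the router no longer reaches the office LAN.
SEGMENTED_POLICY = [f for f in FLAT_POLICY if f != ("edge_router", "office_lan")]
PROTECTED = {"scada"}  # zones that must not be reachable from an exposed device


def paths_to_protected(flows, start, protected):
    """Return {protected_zone: shortest allowed path from start} for every
    protected zone that is transitively reachable through allowed flows."""
    graph = {}
    for src, dst in flows:
        graph.setdefault(src, []).append(dst)
    parent = {start: None}          # also serves as the visited set
    queue = deque([start])
    while queue:                    # breadth-first search gives shortest paths
        zone = queue.popleft()
        for nxt in graph.get(zone, []):
            if nxt not in parent:
                parent[nxt] = zone
                queue.append(nxt)
    findings = {}
    for zone in protected:
        if zone in parent:
            path, node = [], zone
            while node is not None:  # walk back to the start zone
                path.append(node)
                node = parent[node]
            findings[zone] = path[::-1]
    return findings


if __name__ == "__main__":
    for name, policy in (("flat", FLAT_POLICY), ("segmented", SEGMENTED_POLICY)):
        found = paths_to_protected(policy, "internet", PROTECTED)
        if found:
            for zone, path in found.items():
                print(f"{name}: {zone} reachable via {' -> '.join(path)}")
        else:
            print(f"{name}: no allowed path from the internet to protected zones")
```

Running the same check with `start` set to an individual IoT zone shows what a single breached device could reach, which is the case the segmentation recommendation is meant to contain.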