The growing threat of Wi-Fi enabled IoT
Ryan Orsi of WatchGuard Technologies
There is a saying, ‘fast, cheap and good – pick two.’ This appears to apply to the IoT as manufacturers race to get new fast and cheap products to market, but at the expense of security.
There is no shortage of stories where IoT devices have been compromised, but when you start to combine the security vulnerabilities of the IoT with Wi-Fi, things begin to look a lot scarier, says Ryan Orsi, director Product Management at WatchGuard Technologies.
Let’s start with some IoT vulnerabilities by looking at the main attack vectors:
- Network Services – IoT devices are connected to the network for a reason but when users set up these remote services, security usually isn’t top-of-mind. For example, an IoT webcam could be assigned to an open, unprotected port giving access to a user’s network.
- Man-in-the-Middle (MiTM) Attacks – As IoT devices are not actively managed, this allows hackers to launch MiTM attacks in relative obscurity over wired or wireless networks. Today, the majority of wireless hacks involve a MiTM attack.
- Cloud-based IoT – Most IoT devices have a cloud-based application that helps to manage the device. When these cloud services have poor security, they’re a prime target for hackers. After infiltrating the cloud service, attackers typically gain access to a plethora of user account information and devices. So essentially, access to one device is access to all devices associated with the service.
In 2016, the Mirai botnet emerged, taking down Netflix, Twitter and more. It exploited IP cameras, DVRs, and other household routers by scanning open ports connected to the Internet and then trying 61 common user name and password combinations that were found in manufacturer user guides. Once they gained access, the hackers had control of these devices and used them to launch the world’s largest DDOS attack against cloud DNS host Dyn from more than 160 countries.
While Mirai was not a Wi-Fi vulnerability per se it did highlight the fact that Wi-Fi is a major IoT attack vector for hackers. MiTM attacks are often used to gain access to Wi-Fi networks and once in, hackers can search for vulnerable IoT devices and plant back-door malware that will give them access to a network from anywhere in the world.
Think about the impact this could have. For example, telemedicine devices like home heart monitors or blood pressure sensors that gather information and send them back to physicians over Wi-Fi could be compromised. Or what about Point of Sale (POS) systems running payment-processing systems across Wi-Fi connected tablets.
This risk rises to another scale when connecting to a city wide public hotspot. Municipal Wi-Fi is designed to allow all devices to connect to an open, unsecured Wi-Fi network. South Africa has one of the largest municipal Wi-Fi networks, which supports connections from 1.8 million unique devices.
If you join an unsecured open Wi-Fi network with your IoT device, there’s a chance you’re vulnerable to an attack. While this is becoming a hot issue, there remains a clear lack of motivation to secure IoT devices, putting the focus on government to introduce regulations as the fastest way to get manufacturers to prioritise security by design.
Organisations offering Wi-Fi can also take matters into their own hands to help ensure consumer safety.
If you’re delivering Wi-Fi to customers, employees or partners, consider these five tips:
- Deploy a new Wireless Intrusion Prevention System (WIPS) that can easily isolate rogue APs and stop MiTM attacks in real-time.
- Use Wi-Fi network segmentation to separate guest and private networks. Not only will this boost performance but will help keep any intrusion contained.
- Use policies to segment IoT devices like web-cameras, thermostats and others away from guest and private networks.
- Use a Unified Threat Management (UTM) appliance to secure the traffic as it traverses each network segment.
- If you’re not an expert in network management or security, hire a managed security service provider (MSSP) to handle the burden.
Until the market demands better security, hackers will continue to exploit vulnerabilities in IoT, costing the industry dearly. But companies can help by taking the necessary steps to deliver secure Wi-Fi for customers and employees. As IoT devices multiply, having secure Wi-Fi will be vital to keeping them safe. It’s time to tell IoT manufacturers that we want better security. If we don’t take security seriously, then neither will they.
The author of this blog is Ryan Orsi, director Product Management at WatchGuard Technologies
Comment on this article below or via Twitter @IoTGN