Uncovering the IoT blindspot in a post-pandemic world

As companies around the world look at returning to the office, they must also have eyes on their IoT devices says, Max Heinemeyer, director of threat hunting at Darktrace.

It’s not just offices our cities are becoming smarter, and our homes too. Despite this proliferation of IoT, which will only accelerate after the pandemic, cyber-attacks like the recent breach of Verkada security cameras continue to show us that too many organisations are still blind to the risk that their suppliers and IoT devices introduce to their livelihood.

The reality is these seemingly insignificant IoT devices are now entry points for vast network intrusion, and can be used to conduct espionage, create botnets, or mine cryptocurrency.

At Darktrace we are in a privileged position for AI to cyber security has enabled us to uncover some of the most weird and unthinkable attacks on these devices. In recent years, our AI has caught all kinds of shocking IoT threats, such as a compromised smart locker at a European amusement park.

In one case we caught hackers trying to infiltrate internet-connected CCTV systems to conduct corporate espionage and gain highly classified information at a major global consultancy firm. Forget the traditional goal of direct financial gain, video footage is extremely valuable in the era of deepfakes and targeted social engineering.

But why are we so consistently shown that IoT is a blindspot?

Firstly, IoT continues to have notorious security issues because most IoT is rushed to market with profitability in mind. Security is too often an afterthought in the manufacturing process. For attackers, this makes hacking these devices too easy abusing simple misconfigurations, brute forcing login credentials and generally exploiting insecurity by design.

What is more, IoT communication can be extremely complex as it is often between machines or devices. Understanding the ‘normal’ flow of IoT data is not possible for humans to pre-define.

Legacy technologies such as firewalls can only protect against ‘known’ attacks on these devices, and vulnerability scanners can detect known exploits and misconfigurations, but attackers are growing increasingly innovative and novel when it comes to launching IoT attacks. The Verkada hack serves as the latest case in point.

With IoT set to become more pervasive than ever in the post-pandemic world, it is crucial that we make it cyber safe. This will require a multi-layered approach governments need to make it harder to bring insecure IoT to the market and it must be easier for consumers to recognise when an IoT device is cyber-insecure. At the same time, organisations must adopt a zero trust policy with IoT and be empowered to stop the earliest signs of IoT compromise.

The complexity of IoT communication is such that no human security team can now manually track and secure these new digital environments. The risk is inherent and must be managed by continuous monitoring and real-time response.

Max Heinemeyer

That’s why we’re seeing organisations on the edge of innovation turning to artificial intelligence to not only detect but autonomously respond to emerging attacks across these dynamic environments.

One example is McLaren Racing, the Formula 1 giant, which uses AI to monitor and auto-defend data travelling from the IoT sensors on its race cars to its HQ in less than 100 milliseconds. The breadth of this complexity and speed would take around 60 security analysts to track manually. Another example is the City of Las Vegas, a prototypical smart city powered by IoT, which has deployed AI across its operations to constantly monitor its diverse digital world and respond to attacks wherever they may strike.

Based on a ‘normal’ understanding of behaviours across a digital environment, AI is crucial for detecting the unknown and never-before-seen attacks against IoT and is undoubtedly the key to uncovering the IoT blindspot that persists.

The author is Max Heinemeyer, director of threat hunting at Darktrace.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow


9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

US businesses show IoT investment resilience, despite pandemic

Posted on: September 20, 2021

Despite the adversity caused by the COVID-19 pandemic, grounds for optimism remain for IoT spending in the US.

Read more

Tyk secures $35M investment to revolutionise software delivery for enterprises

Posted on: September 20, 2021

Tyk, a London-based global tech company, announced it has closed a $35M (€29.87M) growth equity funding round led by new investors Scottish Equity Partners (SEP), alongside existing investors MMC Ventures.

Read more