HomeINTERNET OF THINGSSecurity Asset Management For IoT - Looking For The Unknown

Security Asset Management For IoT – Looking For The Unknown

IoT And IoMT – Where The Differences Lie

Gartner and Cisco estimate that by 2021 there will be between 25 and 50 billion connected devices in use. And the trend towards networking machines or devices with applications using the Internet of Things (IoT) and Internet of Medical Things (IoMT) is continuing. Because by using an IoT platform, industrial companies can make their business and manufacturing processes more efficient. On the other hand, connecting medical devices and programs through IoMT makes it possible to improve patient care and increase operational efficiencies. However, IoT differs from IoMT in some features.

The Internet of Things Contains A Variety Of Technologies

The Internet of Things is a collective term for a variety of technologies. The approach is based on networked machines, systems, and devices via the Internet. Each of these devices contains a unique identifier and can transmit data over a network without requiring human-to-human or human-to-computer interaction. IoT applications are one of the main drivers for the rapidly increasing data volume in the coming years. Additional technologies are needed to implement IoT, such as sensors, wireless connectivity, edge computing, IoT security, blockchain, artificial intelligence, or machine learning algorithms. An important sub-type of IoT is the Industrial Internet of Things (IIoT), often used as a synonym for Industry 4.0.

Internet of Medical Things As Part Of Telemedicine

The Internet of Medical Things, i.e., the IoT in healthcare, medical devices, and applications connected to IT systems via the Internet. This creates a networked infrastructure consisting of medical technology data, suitable programs, and medical services. Due to the high sensitivity of medical data, IoMT concepts must meet the most increased security and data protection standards.

IoMT is an integral part of telemedicine, improving medical care and patient monitoring. The software can alert medical staff to health problems using the values transmitted by sensors. In addition to telemedicine, IoMT is also used in medical research, where patient data is evaluated anonymously. With the advent of IoMT, medical device manufacturers can monetize the data generated by devices. In addition, the monitoring of patients with IoMT-based sensors opens up new possibilities for health prevention.

Attacks On IoT Environments By Botnets And Other Malware

IoT and IoMT environments are popular targets for cybercriminals because they are often inadequately protected. Since March 2019, the further developed malware Mirai has also threatened IoT environments in companies and healthcare facilities. Hackers can access 27 different exploits with the new version of the botnet Mirai. Once Mirai has infected a device in an IoT environment, it becomes a remote-controlled bot and part of the network. Such botnets can then be used for DDoS attacks. The botnet works are highly effective: Mirai scans the Internet for IoT devices running a simple version of Linux. This can be, for example, network routers, medical devices, surveillance cameras, or even vehicles.

If the botnet finds an open telnet port with a default username and password, the hacker can launch a cyber attack. After logging in, Mirai transmits the IP address and access data to a reporting server. The data of the device used via IoT is then recorded. With this data, Mirai can download more malicious payloads and device-specific malware. Recently, a new botnet called BotenaGo was discovered that contains over thirty exploits capable of attacking millions of routers and IoT devices. These threats demonstrate the urgency for organizations to protect their IoT environment from cyberattacks with connected assets.

How To Protect An IoT Environment That You Don’t Know

With the increasing networking through IoT, the security risks in industrial environments and healthcare facilities are increasing. However, users must know which devices and assets are connected to the IoT network to protect them. Therefore, it is not surprising that security experts are no longer just talking about shadow IT but also about shadow IoT. As a recent survey by Armis, provider of asset visibility and security platform, shows, only 45 percent of the companies surveyed in the DACH region know the exact number of their IoT-based devices and assets. The biggest problem with this is: In most cases, too few decision-makers have an overview of the IoT devices used and also do not have suitable means of detecting and classifying them.

Security Risk From Undetected IoT Devices

Opinions differ when it comes to assessing the risk of undiscovered devices. 36 percent of those responsible who were surveyed classify the risk from undiscovered devices as low or high (in Austria 37 to 38 percent and Switzerland 35 to 38 percent). Nevertheless, a majority of 65 percent of German respondents consider it likely or very likely that their devices forward data via the Internet, and thus devices and data can be accessed (72 percent in Austria and 74 in Switzerland). However, 46 percent of those surveyed in Germany would be reluctant to do without IoT devices in favor of greater data security (in Austria, 48 percent and Switzerland 41 percent).

Only half of the German respondents are sure that all IoT devices are recorded in their company (53 percent in Austria and 46 percent in Switzerland). Astonishingly, only 14 percent of companies in Germany and Austria are aware of application platforms for detecting and classifying IoT (12 percent in Switzerland). Therefore, 44 percent assume that a manual search for undiscovered devices is necessary (in Austria, 54 percent and Switzerland 51 percent).

Healthcare Facilities: Popular Target Of Cyber Attacks

Networked medical devices in an IoMT environment, in particular, entail significant security risks. Healthcare facilities like hospitals are the sector most affected by cyber attacks. This is also shown by the case in which an infusion pump from the manufacturer BD Alaris, used millions of times in IoMT environments, was endangered by the Urgent/11 vulnerability. With the increasing number of networked devices, more sensitive patient data is collected. For example, the resale price of a medical record is ten times the price of a stolen credit card number. This is because medical records contain personal information about a person’s health and other information that hackers can use for identity theft.

Ransomware attacks on healthcare organizations are also on the rise. Cybercriminals block access to business-critical systems, devices, and data to extort a payment from the organization. This is mainly because IoMT devices are more vulnerable than other assets, thanks to specific vulnerabilities. Because many medical devices such as an MRI scanner run on outdated and therefore vulnerable operating systems. IT departments lack diagnostic tools to look for malware and patches. This is due to the inherently limited storage and computing resources of IoMT devices.

Practical Solution: Security Asset Management

The Covid-19 pandemic has contributed to the fact that the assets and devices used in the IT infrastructure of organizations have increased in complexity. Along with adopting remote working and distributed operating models, IT teams needed to accelerate digital transformation to keep the business running. However, with the pandemic, the number of cyberattacks on IoT environments has also increased. As a first step, IT teams should identify the assets and devices used in the networks to ensure secure management. With the continuous monitoring of assets, vulnerabilities can be remedied immediately as soon as the appropriate patches are available.

To make all devices visible, IT teams need an automated asset management solution, such as Armis. Their asset visibility and security platform create a graphical visualization of all IP connections for each device in an IoT or IoMT environment in the form of a network map. This allows IT teams to see exactly what devices are present, what other assets they are connected to, and what risks this can pose. Because every device that comes online has various characteristics that IT staff must consider, such as operating system, application, user access, network connectivity, patches, or updates, it is a question of recognizing the blind spots in this complex environment. These result from three main problems:

  1. IT teams don’t have a complete, real-time picture of the deployed assets in their environment. Therefore, effective cybersecurity asset management should always start with visibility of all assets and devices, such as volume, type, and applications. IT teams can quickly detect and remediate threats by identifying all holdings inside and outside the IoT network and knowing their status.
  2. Traditional security tools don’t provide a complete view of where threats exist. As a result, IT teams need to create security and compliance policies for each asset and the associated services. It is also necessary to identify operating systems and applications on the devices.
  3. IT teams are unable to enforce security policies effectively. Because the tools used are often not suitable for identifying risks and providing patches to fix the problems. Businesses, therefore, need an automated approach to enforcing policies and orchestrating the entire process in an IoT environment – from detection to enforcement.

Suppose companies and healthcare facilities know about and eliminate these blind spots. In that case, they are well on the way to operating the existing IT infrastructure securely and efficiently with the existing IoT assets. And so IoT and IoMT have a secure future ahead of them.

Also Read: Best Practices IoT Security

Tech Gloss
Tech Gloss is a site dedicated to publishing content on technology, business news, Gadget reviews, Marketing events, and the apps we use in our daily life. It's a great website that publishes genuine content with great passion and tenacity.