Connected Devices and Ransomware, a Perfect Match
Attackers and ransomware peddlers worldwide couldn’t be happier with so many Internet of Things and other connected devices coming online every day. These devices are significantly more likely to be vulnerable to an attack when compared to more traditional devices, like PCs, laptops, servers, etc.
The fact that so many connected devices are vulnerable is not lost of malicious actors the world over and they are gunning for these holes in organization’s armor with a fervor not seen before. Ransomware and other attacks are increasing in frequency by the day and there is no sign of it letting up. In fact, nearly half (48%) of hospitals in the United States shut down their network in the first half of 2021 because of a ransomware attack.
Why Connected Devices are Vulnerable to Ransomware
There are some fundamental reasons most connected devices are so vulnerable and it appears unlikely these factors will be eliminated anytime soon.
First of all, the manufacturers of these devices have absolutely no incentive to update devices or remediate vulnerabilities found after a device is manufactured and had software loaded onto it. In a HealthITSecurity article it was found that 1 in 10 devices on hospital networks are vulnerable to the BlueKeep exploit and this is just the tip of the iceberg that connected devices bring to the table.
Also, many of these devices simply have no method to update themselves, it would require connections, software, and hardware that adds to the overall cost (or profit). On top of that, there is no regulatory or legal incentive for them to spend much time and money to make devices secure in the first place. This is coupled with there being no way to enforce that security related updates be provided.
In addition to the vulnerabilities these devices have out of the box, there are plenty of pitfalls when it comes to vulnerability scanning connected devices. Traditional vulnerability scanners often need agents and/or some kind of domain admin account for in-depth scanning, but most connected devices don’t support agents or centralized user management.
Traditional vulnerability scanners, like Nessus and Qualys, can easily overwhelm and crash especially resource-constrained connected devices. Because of the potential impact to production IT teams frequently exclude these endpoints from regular vulnerability scans. The result is an unknown amount of untested, potentially vulnerable devices on the network waiting to be discovered by a malicious actor.
Are They All Insecure?
Now you might be saying, sure consumer devices have no incentive, but surely those made for industrial, healthcare, or other professional uses must be better. This is categorically not the case, whether a connected device is designed to monitor a patient or run a gas pipeline that supplies a large portion of the US, they are designed to be easy to use and reliable and decidedly not for security.
In some cases when a device costs 10’s of thousands of dollars, they tack on some security features but it is still designed to work easily with little to no setup.
Ease of use is fundamentally at odds with security.
To make something work simply, and on the first try, it makes sense to have all possible services enabled to allow any connection the user may want to make. To accomplish this they have to open up more services and enable more connectivity making these devices ripe for attack.
Find Ransomware on Connected Devices in 5 Minutes
So, if these devices are never designed to be secure and there is little to no incentive to manufacturers to fix issues how can a networks integrity be protected?
This is where IoTSecure’s easy and affordable IoT security journey comes into the picture. The journey starts with a free IoT-mini security appliance that provides an assessment so you can determine your risk profile on IoT devices.
- Request a FREE IoT-mini
- Connect the IoT-mini anywhere on the network (no TAP | SPAN ports). It takes less than 5 minutes!
- Get an automated report that provides detailed identification of IoT devices and detects IoT-specific threats that traditional vulnerability scanners commonly miss, including ransomware and those on the OWASP IoT Top 10.
If you want to take proactive steps to protect you or your organization from ransomware and other common attacks take a minute to request a free IoT-mini to try out. See for yourself just how easily attackers can get in and fix those holes before they get exploited and your organization is the next headline.
Find & Identify Your IoT Devices and Vulnerabilities in 5 Minutes. Free to Try & Keep on 1 Network