Devices that fall within the category of the Internet of Things (IoT) are developed with portability and connectivity as the main focus, not necessarily security. But that might be an issue...

As IoT devices have become integrated into our daily lives, threat actors have begun seeking out opportunities to exploit such devices in order to gain access to the often more valuable connected network.

IoT devices (technology describing the ability of everyday objects - rather than computers and smartphones - to connect to the internet. Examples include speakers, televisions and security cameras. Find out more about IoT devices via Wired’s article: What is the Internet of Things? WIRED explains) are notoriously difficult to maintain due to not being limited to any single geographical area and not always prompting users to apply regular security updates.

This provides opportunities for threat actors to exploit unpatched vulnerabilities; recent activity demonstrating this has been identified with unpatched Hikvision surveillance cameras being exploited by Chinese threat groups tracked as APT41 and APT10, and a hi-tech coffee machine at a very established organisation who wish to remain anonymous being hacked!

Research by Cyfirma has identified that when sampling 250,000 devices, over 80,000 were unpatched and susceptible to CVE-2021-3620 (CVSS 9.8), a critical command injection vulnerability that is being exploited by the aforementioned threat groups.

During the study, the UK ranked fourth in the world for the greatest number of devices left unpatched, which is substantial considering the small size and population of the UK compared to the leading countries, China, USA, and Vietnam.

When patching or evaluating security, IoT devices as a whole are often overlooked in favour for more critical infrastructure or larger storage devices.

This may leave the network exposed as threat actors pivot their tactics, techniques, and procedures (TTPs) towards the targeting of IoT devices in search for out of date systems to exploit with the objective of harvesting credentials or moving laterally towards the organisation’s main network.

The challenge

Maintaining the cyber security of an IoT device can be challenging, which is often why it's overlooked.

The key to improved IoT security lies in limiting the connectivity of IoT devices and networks to the business network. Then, if an IoT device or IoT network is compromised, damage can be contained.

Read more on how to effectively secure your IoT devices via this article from nozominetworks.com: Addressing IoT Security Challenges

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).