By André Sollner
Let’s face it: Despite high expectations, 2021 made a lot of “worst ever” lists. That includes the world of cybersecurity and IoT, as organizations grappled with some of the most damaging cyber attacks in modern history. And, really, there’s no reason to think that trend will end anytime soon.
In 2021’s cyber attacks, the healthcare industry got hit especially hard. In the middle of the pandemic, hackers forced institutions, mainly through ransomware attacks, to pay up if they wanted to return to normal operations. It was—and continues to be—a vulnerable time for healthcare organizations, and hackers exploited that vulnerability.
But it’s not just healthcare. Every organization is at risk, especially with the ever-expanding, highly interconnected Internet of Things (IoT) and increasing supply chain issues. Here’s how to approach cybersecurity and IoT at the organizational level and steps you can take right now, from changes in human behavior to supply chain audits.
Human Behavior Impacts a Company’s Cyber Threat Attack Surface
The kinds of breaches and related issues at hand—ransomware, botnets, data leaks—are increasing in number and frequency. Let’s take botnets, for example. Botnets are basically malware-infected networks of internet-connected computer devices that hackers can use to steal data or perform Distributed Denial-of-Service (DDoS) attacks. Botnets take advantage of lax security in IoT devices, such as home security cameras, and can overwhelm networks and wreak havoc.
In today’s work-from-home age, where individuals may be using their personal WiFi connections or lack the digital protections typically found in secure office environments, there’s a greater chance that social engineering techniques, such as fake emails from reputable organizations, could result in successful phishing attacks.
Humans aren’t perfect. And when that very human imperfection is combined with a massive data breach, like the 2021 LinkedIn data leak, the results can be significant: In the LinkedIn breach, hackers were able to uncover the names and personal contact information of more than 700 million users.
Bad actors then were free to use that information in phishing attempts, sending millions of emails to unsuspecting users in an attempt to trick them into trading sensitive information like bank logins. If even a small portion of people in that data leak were to click on a bad link in an email or otherwise fall for a phishing attempt, it can mean big money for hackers—and big headaches for everyone else involved.
The (Cyber) Supply Chain Matters
No, this is not another blog about supply chain woes. We do not know where that couch you ordered in April of 2021 is. What we’re referring to here is the upstream supply chain of hardware, software and service providers that businesses and consumers rely on in their IoT devices—whether they’re data-collection tools in healthcare settings or the security cameras installed outside a home’s front door.
Put it this way: If there’s a security issue upstream, even if you put up every cybersecurity measure you can imagine against being hacked, it won’t make much of a difference. The security issue—the weakness—is embedded in the IoT device, and poses a cybersecurity threat.
How to Manage Your IoT Network Cybersecurity
So, what to do in the face of botnets, historic data breaches and increased vulnerability in the IoT? I’ve got three suggestions, beginning with an audit of your IoT ecosystem.
Plainly put, you need to know at all times what—and who—is on your network, be it your business organization or your home.
For example, take a security guard at a hospital who plugs in an Amazon Fire TV Stick—which is an IoT device—into a flatscreen and connects it to the hospital’s internal, secure WiFi. This seemingly innocuous move could create an entry point for a bad actor.
And remember, it’s impossible to secure something if you don’t have full knowledge of its weaknesses. An estimate 90% of IoT cameras have some sort of vulnerability—so be extremely cautious if you purchase a new device for your home or business.
It’s also important to train your staff and create policies that keep guest and production networks separate (i.e. network segmentation and zero-trust architecture) as well as control and manage all devices that may access your organization’s production network. Manage and monitor privileged access to accounts and applications and review alerts on high-risk events, as these are very attractive entry points for hackers.
My second suggestion is to redteam your incident response team, especially if you or your business handles sensitive or privileged information. What do I mean by that? Pay a trusted organization to come in and try to break into your cybersecurity ecosystem. Identify the flaws and vulnerabilities, and test every single entry point. This allows you to identify the weaknesses and fix them—before someone nefarious points them out to you by hacking into your networks or launching a ransomware attack.
Lastly, develop and foster partnerships with peers and professionals across industries and up and down the supply chain. Truly robust and safe cybersecurity operations come from industry-wide shifts, not just from one individual organization implementing fixes and responding to cyber incidents. Partnerships, especially large-scale ones, can mount serious regulatory and political pressure—a necessary application of force to bring about necessary change in cyber security and data privacy in our increasingly connected world.