Securing the Internet of Cows

It's fair to say we now understand that internet connected devices are here to stay and will continue multiplying by the second. From the connected cow to the very latest internet connected smart office wall, we can see that IoT imagination has no limits and subsequently many potential business benefits.

The latest predictions are that IoT spending is set to increase a further 15 percent and reach $772.5 billion by the end of 2018. This is great but the huge increase in IoT devices now plugged into our corporate networks represents a real cyber security challenge, we also know there is often severe implications on network performance when a device or group of devices starts to behave in a way they were not originally designed to.

The big issue with securing IoT devices so we can prevent them from being hacked and manipulated is that they are usually “headless” by that I mean they do not have the usual operating system or user interface that we can easily configure and update, this means there isn’t an easy way to load security software packages or certificates onto them. The other issue with these devices is that they often use fairly low end chipsets, these chipsets can open them up to nasty and widespread vulnerabilities. We saw what happened with Meltdown and Spectre this month and those were more expensive and supposedly better designed high end chipsets.

So whilst we really welcome the Internet of Cows, what can we do to limit the damage from more typical IoT devices already running on our corporate networks today?

1. Interrupt the command and control path

Most of the next generation firewalls we work with at O2 today have optional IP reputation and anti-bot software blades which can be enabled for an additional yearly subscription fee. These add-ons tell the firewall to cut the command and control traffic going out to known bad actors in the internet. This is the quickest way to limit the communications path of a compromised IoT device and stop it causing harm. Just ensure your firewall has the additional processing power available to handle this before turning the feature on.

2. Patch Management and Updates

It’s important to try and keep all known IoT device software up to date. This is hard to manage but can often remove known vulnerabilities, especially those recently discovered and publicly highlighted. You need to have a patching procedure in place and verify if the patches have been applied successfully. Patch management is still often overlooked and not just for IoT devices.

 3. Network Access Control

My final recommendation is to deploy network access control technology and not just because of the internet of things. Any well configured NAC technology will automatically classify and quarantine a new device when it connects to the corporate network. Once the device is automatically placed in a quarantined area you will limit the access it has to other parts of your computer network and thus mitigate the damage it can do. Why let an internet connected surveillance camera or Wi-Fi printer have the same access rights as your CFOs laptop?

 If you need help with cyber security, please get in touch dean.thomson@telefonica.com