International. The Internet of Things (IoT) has been gaining ground and is increasingly permeating business environments, where its applications are almost endless. This would be making it a desired target for cybercriminals.
IoT environments go beyond a connected device, as they specifically consist of connected things that are equipped with sensors, software, and other technologies that allow them to transmit and receive data for the purpose of informing users or automating an action. This is reason enough to become an attraction for cybercrime.
According to projections by the firm Statista, approximately US$805,000 million was invested in IoT technology worldwide in 2023. In addition, it is expected that by 2027 there will be 29.7 billion devices connected through the IoT.
Meanwhile, forecasts for this year are that industrial IoT could exceed US $100,000 million, while in Latin American companies the presence of production solutions or PoC (Proof of Concept) involving IoT jumped from 31% in 2019 to 58% in 2023.
Oswaldo Palacios, senior account executive for Akamai, said that with the IoT generating vast amounts of data that can be used to make better decisions and new business models, security is a challenge that demands continuous attention.
"The Internet of Things makes it possible to collect data and send it to the network for analysis or even carry out a preliminary analysis and then send it to the network, situations that can compromise the security and privacy of confidential data," he said.
Akamai's 'Ransomware on the Move' report highlights that, in particular, manufacturing remains the top vertical with the highest number of victims of ransomware attacks.
This increased risk comes from the large amount of legacy or old commercial software, deployed at various sites in the supply chain and manufacturing, including operational equipment, sensors, and other connected terminal applications, from connected cars to chemical plants.
The sheer number of IoT devices connected to a corporate network can create a vulnerable and attack-prone work environment, so each of those devices means a new point that needs to be monitored, verified, and updated on a regular basis. In that sense, the question arises: how could a cyberattack be dispersed through these smart devices?
Oswaldo Palacios reported that hackers use social engineering, exploits, and vulnerabilities to infiltrate IoT devices, taking advantage of weaknesses in software or insecure configurations. In addition, he explained that on production lines when all devices are connected to the network, it is easy to perform a "lateral movement" without being detected. This is how ransomware spreads and reaches critical assets.
Another type of attack can be to disable the production line by cutting off the controller server's communication with IoT devices.
On the other hand, the expert also highlighted that unfortunately employees, suppliers and occasional visitors connected to a company's network can enter a malicious program on the network that can take advantage of their position and carry out an attack.
Against this backdrop, the expert mentioned that Ransomware of Things (RoT), which is a sophisticated variant of ransomware that focuses specifically on compromising the security of IoT-connected devices, has increased significantly in recent years.
The main objective of this type of attack is to block access or control of IoT devices, demanding a ransom in exchange for restoring their normal functionality. Cybercriminals demand a ransom payment in cryptocurrency, offering victims the key to unlock their devices once the payment is made.
Oswaldo Palacios highlighted that the economic consequences derived from a RoT attack range from the cost of the ransom demanded by the attackers, the loss of trust of customers and suppliers, to the expenses associated with data recovery and improved security.
These costs can be considerably high, especially for the affected businesses.
How to maintain a secure IoT environment?
According to the expert, understanding the risks associated with the growing threat in IoT security involves developing effective cybersecurity strategies. According to Oswaldo Palacios, IoT devices depend on networks and technological infrastructure which does not always have the appropriate planning and security to stop and eliminate threats in a forceful way, which is why measures must be taken such as isolating IoT devices and having visibility and control of where and how they communicate.
Constant connectivity and data sharing in an IoT environment creates new opportunities for information to be compromised. It is essential that every device that connects to the network is configured with security in mind, and the information that circulates within an IoT system must be mapped accordingly.
Recognizing that there is no perfect defense against threats can help create mitigation protocols that can contain and significantly reduce the effects of a successful attack.
Fortunately, more and more companies are protecting their IoT assets, the way they interact on the network and who has access to them. While not all IoT devices have the ability to install security software, actions such as microsegmentation will help to have a better cybersecurity strategy since you have broad visibility of which assets are communicating with each other.
By 2031, ransomware is expected to attack a business, consumer, or device every two seconds. With the prevalence of threats like ransomware and zero-day vulnerabilities, attackers are becoming increasingly adept at advancing laterally toward high-value targets when they find a way in.
"Given this data, tools such as microsegmentation put us a step ahead in any cybersecurity strategy, as it gives us complete visibility of who has access to what resource and how assets communicate with each other at the level of the communication process. This visibility allows us to detect and block any malware at its source, as well as prevent lateral movements," concluded Oswaldo Palacios.
