How to approach keeping your IoT devices safe

A DVR has now become a major weapon, as seen with the latest round of DDoS attacks

Nothing is safe

With the recent takedown of Dyn and Brian Krebs’ website, cybercriminals have found a way to use your own devices to bring the Internet to its knees. Portnox’s CEO Ofer Amitai provides some ways to keep those devices safe from these attacks.

Not even your DVR is safe.

Decision

The first obvious step in any change is the decision. You’ve decided to secure your network against all those IoT devices. You understand that there is a cost associated with that, in both resources and time, so the next obvious step is to build a plan.

Assessment

The first part of building a plan is the assessment: understanding what is actually in your network. Start by continuously monitoring your network for any device that joins it. Profile that device remotely, and understand what it is and where it is connecting. Preferably, do all of that from a single central location. As Rob Joyce, NSA TAO Chief (NSA attack team), once said, “…if you really want to protect your network, you really have to know your network”.

Prevention

Any network is only as strong as its weakest link. In this case, our network consists of unmanaged IoT devices. Segment those IoT devices into their own small networks (VLANs). Put next-generation firewalls between those micro-segments. This way, if one IoT device gets penetrated and turns into a “command and control” hub for the black hat hackers, only that segment is infiltrated and not your whole network. Make sure your “crown jewels” are not in the same segment.

On-Boarding

Once you have deployed your segmentation mechanism, you need to deploy automatic and manual on-boarding processes for new devices. That on-boarding process includes automatic segmentation by device type/vendor and also accountability for each device in your network, just as you would do when a guest comes to visit you in your office.

Detection

Security requires a layered approach. You’ve “captured” those hackers in the IP security cameras segment. They will now search for a way out to go after your servers: they will start scanning your network, looking for the next vulnerability. This is the best time to catch them, but for that you need a detection technology that analyzes the network traffic and alerts on any anomalies.

Response

Getting alerts is only as good as the response to them. Without a response, they just act as a smoke screen for the intruders. Those alerts should be converted into automatic actions: blocking, limiting access or quarantining suspected devices. As for the blocking mechanism, the closer you do the blocking to the actual network infrastructure, such as shutting down the actual Ethernet port, the more secure and effective you are.
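The Detection and Response steps above can be sketched together as an added example (not code from the article or from Portnox): it flags a device in the camera segment that suddenly contacts many distinct targets outside its segment, then turns the alert into a blocking action. The subnet, threshold, flow records, switch port name and action names are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumed addressing plan (not from the article): cameras sit in their own VLAN.
CAMERA_SEGMENT = ipaddress.ip_network("10.20.30.0/24")
FANOUT_THRESHOLD = 10  # distinct out-of-segment (host, port) targets per window

# Constructed flow records: (window_start_s, src_ip, dst_ip, dst_port)
SAMPLE_FLOWS = (
    # camera .11 only streams to its recorder inside the segment: normal
    [(0, "10.20.30.11", "10.20.30.2", 554)] * 40
    # camera .12 streams and syncs time with one outside host: normal
    + [(0, "10.20.30.12", "10.20.30.2", 554), (0, "10.20.30.12", "10.0.0.5", 123)]
    # camera .13 sweeps the server subnet on two ports: scan-like
    + [(0, "10.20.30.13", f"10.0.1.{h}", p) for h in range(1, 9) for p in (22, 445)]
)

def detect_scanners(flows, segment=CAMERA_SEGMENT, threshold=FANOUT_THRESHOLD):
    """Return {src_ip: fan-out} for segment hosts that reach too many
    distinct targets outside the segment within a single time window."""
    targets = defaultdict(set)
    for window, src, dst, port in flows:
        inside = ipaddress.ip_address(src) in segment
        leaving = ipaddress.ip_address(dst) not in segment
        if inside and leaving:
            targets[(window, src)].add((dst, port))
    alerts = {}
    for (_window, src), seen in targets.items():
        if len(seen) >= threshold:
            alerts[src] = max(alerts.get(src, 0), len(seen))
    return alerts

def plan_response(alerts, port_map):
    """Convert alerts into actions: shut the switch port when the on-boarding
    inventory knows it, otherwise fall back to quarantining the device."""
    actions = []
    for src in sorted(alerts):
        if src in port_map:
            actions.append(("shutdown_port", src, port_map[src]))
        else:
            actions.append(("quarantine_vlan", src, None))
    return actions

if __name__ == "__main__":
    inventory = {"10.20.30.13": "sw1:Gi1/0/13"}  # constructed on-boarding record
    for action in plan_response(detect_scanners(SAMPLE_FLOWS), inventory):
        print(action)
```

Because the port lookup comes from the on-boarding inventory, a device that was never on-boarded can only be quarantined, not shut off at its Ethernet port.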
