
It Will Be You…

Cybercrime is now a machine-to-machine numbers game organised to exploit millions of IoT devices and cameras. If you don’t react, your number will be up sooner or later, says Justin Martin Lawrence…

Would you leave your house without locking the door, or your car unlocked in a supermarket carpark? Didn’t think so. Even though the chances of a break-in are slim, you’d be foolish not to protect your property. So why should it be different for data, especially when the consequences are potentially far more damaging? The scary truth is that the risk of having your most intimate data stolen is bigger and more immediate than you think, because in 2020 cyber theft is a systematically opportunist crime organised on a global scale.

Today the opportunist at your door is not the local miscreant with a crowbar trying his luck but a terminator in cyberspace, programmed to execute. The hacker’s custom-automated scanner bot is trained by algorithm to target many thousands of IoT devices and security cameras with known vulnerabilities in a single sweep. And when its unblinking gaze finds a breach in a local network that just happens to hold your data, that’s when things can take a turn for the worse. Relative obscurity will not protect you. Cybercrime is no longer a sporadic lottery but a machine-to-machine (M2M) numbers game and if you or your customers are vulnerable, sooner or later, yours will be up.

So many targets

The problem is manifest in the ballooning number of potential targets available; the most prolific weapon of choice for hackers being the gazillions of IoT devices entering homes and businesses. Recently ZDNet reported that the number of global M2M connections is expected to reach 14.6bn by 2022, growing at 19 per cent a year. That’s 14.6bn possible paydays for the cybercrime industrialists. Earlier this year a so-called ‘bot list’ of Telnet details for over 550,000 servers, home routers and smart devices appeared on a hacking forum, providing IP addresses and Telnet usernames and passwords for each device. By the hacker’s own admission the list was compiled through a typical ‘botnet’ operation by scanning the internet for devices with an open Telnet port, then using a bot to probe with default usernames and passwords, or pre-defined, easy-to-guess password combinations. This information makes it easy for criminals to install malware custom-designed to pillage at will. And because cyber criminality has become industrial in scale, free tools proliferate on open source if you know where to look.
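An added example (not from the original article): the credential-guessing sweep described above leaves a recognisable trace on the defender's side, with one source trying factory-default Telnet logins against several devices in quick succession. The key=value log format, the default-username list and the thresholds below are assumptions made for illustration, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events in a made-up key=value format (not a real product's log).
SAMPLE_LOG = """\
2020-03-01T10:00:01 SRC=203.0.113.7 DST=192.168.1.20 DPT=23 USER=admin RESULT=fail
2020-03-01T10:00:02 SRC=203.0.113.7 DST=192.168.1.21 DPT=23 USER=root RESULT=fail
2020-03-01T10:00:04 SRC=203.0.113.7 DST=192.168.1.22 DPT=23 USER=admin RESULT=ok
2020-03-01T10:03:10 SRC=192.168.1.5 DST=192.168.1.20 DPT=23 USER=installer RESULT=ok
2020-03-01T10:05:00 SRC=198.51.100.9 DST=192.168.1.20 DPT=443 USER=- RESULT=ok
"""

DEFAULT_USERS = {"admin", "root", "user", "guest", "support"}  # assumed list
LINE_RE = re.compile(
    r"(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+) "
    r"USER=(?P<user>\S+) RESULT=(?P<result>\w+)")

def parse(log_text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.fromisoformat(ev["ts"])
            yield ev

def find_telnet_sweeps(log_text, min_hosts=3, window=timedelta(minutes=5)):
    """Return {src: {"hosts": [...], "breached": [...]}} for each source that
    tried default Telnet usernames on >= min_hosts devices within `window`."""
    by_src = defaultdict(list)
    for ev in parse(log_text):
        if ev["dpt"] == "23" and ev["user"] in DEFAULT_USERS:
            by_src[ev["src"]].append(ev)
    findings = {}
    for src, events in by_src.items():
        events.sort(key=lambda e: e["ts"])
        for i, first in enumerate(events):  # slide the window over the events
            in_win = [e for e in events[i:] if e["ts"] - first["ts"] <= window]
            hosts = sorted({e["dst"] for e in in_win})
            if len(hosts) >= min_hosts:
                # A successful default login means that device needs attention now.
                breached = sorted({e["dst"] for e in in_win if e["result"] == "ok"})
                findings[src] = {"hosts": hosts, "breached": breached}
                break
    return findings

if __name__ == "__main__":
    print(find_telnet_sweeps(SAMPLE_LOG))
```

Any device listed under `breached` accepted a default login during the sweep and should have its credentials changed and Telnet disabled or blocked at the firewall.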

Internet of sh.t

A chilling exposé in E&T magazine entitled ‘How to hack an IoT device’ describes the method by which these tools might be coordinated to launch a typical botnet attack. In the first instance the hacker would go to a publicly accessible site like CVE.mitre.org (Common Vulnerabilities and Exposures) to acquire a list of device vulnerabilities. Then they’d pick a target and search the internet using a port-scanning site like Shodan.io for the location and IP addresses of all those compromised devices across the globe. Next they would systematically test specific devices for the vulnerability with a free distribution tool like Metasploit. If successful, Metasploit will offer up the device for control. And because the said device, a camera for instance, is always talking to a server M2M, the big prize is server access, especially if it sits on the network of a bank or a rich family. It works like a pyramid. From a base scan involving six-figure device numbers, the targets are whittled down to a juicy few, and then the hacker needs just one to get lucky. For those in the know, it’s child’s play.

You need to be firmwary

Cybercrime’s little bot sentinels are not only sniffing for open network ports or patch code vulnerabilities, they also love the smell of old firmware. And this is a growing problem due to the sheer number of connected IoT devices. Sure, those from the likes of Google and Amazon receive push updates, but most IoT devices lack a secure firmware update mechanism. Since the IoT vendor imperative is to be cheap and quick to market, device security is invariably compromised. Consequently, the IoT airspace has become a chaotic riot of platforms and standards, ripe for plunder by the cyber subversives. Many of your customers will own at least a handful of smart devices, but do they know or care how they upgrade? And what about those obscure white label products that crop up on discount sites or on eBay at irresistible prices, ostensibly smart but without an upgrade path? Connect the dodgy fridge-freezer to a router and throw open the door to data theft. How do you control that?

Time to deploy WatchGuard®

The answer is WatchGuard. It’s a relatively effortless plug-in solution that should be mandatory in every network you design. WatchGuard Technologies’ cost-effective Firebox Series of Unified Threat Management (UTM) appliances offers integrators and their customers an easily installed, automatically updated defence against advanced malware, ransomware, botnets, trojans, viruses, drive-by downloads, data loss and phishing.

Plugged into the LAN backbone as a router (or after the router) WatchGuard’s UTM firewall boxes are capable of scanning in real time at over 10Gbps (M470 and up). At entry level the new T Series T20, T40 and T80 firewalls, which scale to accommodate up to 50 users and up to 5 wired Gigabit network connections, will dovetail perfectly with current Internet speeds and consumer use.

Rapid reaction force

They have comprehensive VLANning built in, multi-WAN traffic management, and traffic-shaping: all the bells and whistles. There’s also configuration control at an amazing level of detail, allowing the client, for instance, to prevent a family member from posting pictures on Facebook while still having access to feeds.

Another huge advantage is an ability to react quickly to boost the defensive arsenal. WatchGuard is built around expertise in each area (akin to most car brands using Bosch injectors for example). This means that when an element from one provider proves to be more effective, WatchGuard can turn it on seamlessly in a silent automated update. For instance, WatchGuard has switched from Kaspersky to Bitdefender. Bitdefender is better. It’s self-improving gold.

Total Security Suite packages are available on all Firebox solutions offering protection against advanced malware, ransomware, and the loss of sensitive data. WatchGuard also offers a full suite of network visibility and management services from its WatchGuard Dimension solution, packaged with every firewall. 

Add WatchGuard to the team

This is no time to leave your data doors unlocked. The need for a comprehensive, managed and proven plug-in solution, backed by one of the world’s foremost security technologists, has never been more of a no-brainer. And it might just protect you from getting sued by your Mr. Big Guns customer when his ventures on Ashley Madison go south, or someone uses “password123”. In such a dynamically threatening scenario, WatchGuard is a priceless defence against a risk you cannot afford to take.