Page 66 - Cyber Warnings
P. 66
Part III: Current and Future IoT Threats
The relationship between IoT and Wi-Fi
By Ryan Orsi, Director Product Management, WatchGuard Technologies
In parts one and two of this series, I covered the importance of understanding the anatomy of a
Wi-Fi hacker and how to defend your airspace using WIPS and WIDS. For my last article of the
series, I’ll cover the growing threat of Wi-Fi enabled Internet of Things (IoT) devices.
Today, most IoT devices fall into two categories: general IoT and industrial IOT (or IIoT). The
first consists mostly of consumer devices like cameras, watches, thermostats, color LED light
bulbs, and more. The second includes items like electric, gas and water meter devices that
attach to the home or business and transmit data back to industrial systems or utility.
As you probably know, the IoT market is growing fast. As a matter of fact, according to Bain, by
2020 IoT annual revenue will reach $470 Billion. And, McKenzie & Company estimates the
annual growth rate to be about 33 percent. That’s huge growth, and it’s putting a lot of pressure
on manufacturers to produce these devices quickly. As a result, most devices are Wi-Fi enabled
(versus using cellular data), delivering low cost connectivity for buyers.
But remember the old saying, “You can get something fast, cheap or good. Pick two.” As IoT
manufacturers race to get new products to market, they’re also overlooking (to put it kindly) the
major security concerns associated with these new devices.
Which means these products are fast and cheap, but often not good from a security standpoint.
Of course, these smart, connected devices make our lives and jobs more convenient, but they
also present critical security challenges. The reality is, convenience and security often don’t mix.
When you combine the security vulnerabilities of IoT devices and Wi-Fi, these transformative
technologies begin to look a lot scarier.
Don’t believe me? Let’s dive into some IoT vulnerabilities, first by looking at the main attack
vectors:
• Network Services – IoT devices are connected to the network for a reason: to provide
remote access. Unfortunately, when users set up these services, security usually isn’t
top-of-mind. So when a webcam is deployed, chances are it’s assigned to an open,
unprotected port. Since IoT devices don’t have good security, this means a user’s
network could be vulnerable.
• Man-in-the-Middle (MiTM) Attack – As mentioned in Part 1 of this series, IoT devices are
not actively managed, allowing hackers to launch MiTM attacks in relative obscurity over
either wired or wireless networks. Today, the majority of wireless hacks involve a MiTM
attack.
66 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
