Businesses have increasingly adopted IoT devices, especially amid the COVID-19 pandemic to keep their operations safe. Over the past year, the number of IoT devices employed by various organizations in their network has risen by a remarkable margin, as per research conducted by Palo Alto Networks’ threat intelligence arm, Unit 42.
While looking into the current IoT supply ecosystem, Unit 42 explained the multi exploits and vulnerabilities affecting IoT supply chains. The research also examined potential kinds of motivation for exploiting the IoT supply chain, illustrating how no layer is completely immune to the threat.
The analysis of the same has been reported during this year’s National Cybersecurity Awareness Month (NCSAM), which is encouraging the individual’s role in protecting their part of cyberspace and stressing personal accountability and the significance of taking proactive measures to strengthen cybersecurity.
The analysis also noted that supply chain attacks in IoT are of two types – through a piece of hardware modified to bring alterations in a device’s performance or from software downloaded in a particular device that has been affected to hide malware.
While highlighting a common breach of ethics, the research mentioned the incorporation of third-party and hardware components without making a list of the components added to the device. The practice makes it hard to find how many products from the same manufacturer are infected when a vulnerability is found on any of the components. Additionally, it also becomes difficult to determine how many devices across various vendors have been affected in general, by the vulnerability.
“The main goals for cyberespionage campaigns are maintaining long-term access to confidential information and to affected systems without being detected. The wide range of IoT devices, the access they have, the size of the user base, and the presence of trusted certificates make supply chain vendors attractive targets to advanced persistent threat (APT) groups…” the report stated.
“In 2018, Operation ShadowHammer revealed that legitimate ASUS security certificates (such as “ASUSTeK Computer Inc.”) were abused by attackers and signed trojanized softwares, which misled targeted victims to install backdoors in their system and download additional malicious payloads onto their machines.”
While putting things in a cybercrime perspective, the report noted – “The potential access and impact of compromising a large number of IoT devices also make IoT vendors and unprotected devices popular choices for financially motivated cybercriminals. A NICTER report in 2019 shows close to 48% of dark web threats detected are IoT related. Also in 2019, Trend Micro researchers looked into cybercriminals in Russian-, Portuguese-, English-, Arabic-, and Spanish-speaking marketplaces and discovered various illicit services and products that are actively exploiting IoT devices.”
The report stressed the need to “enlist” all the devices connected to a certain network as it will help in identifying devices and their manufacturers, enabling administrators to patch, monitor, or even disconnect the devices when needed. There are instances when all the vulnerable devices are unknown in the absence of a complete list, therefore it is imperative to have complete visibility of the list of all the connected devices in order to defend your infrastructure.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.