Living in the Wild West of the IoT

By

What started as a siloed technology called IoT (Internet of Things) has now evolved into a complete ecosystem for automation to make our everyday life simpler and more productive. The signs are everywhere as the adoption skyrockets. All industries are rushing headlong with smart “things” – smart cities, smart homes, smart cars, smart drones, and smart appliances.

By 2025, Statista forecasts that there will be more than 75 billion Internet of Things (IoT) connected IoT devices in use. This would be a nearly threefold increase from the IoT installed base in 2019. The original estimate from 2018 was 23 billion and 31 billion in 2020. See what I mean by “the trajectory goes up like a rocket?”.

IoT and its associated automation bring a very compelling value once you had tried it. My own experience is with the smart home side of things. However, the industrial and enterprise side of IoT are even more pervasive, and innovative. Thanks to the Artificial Intelligence technology that are often tightly coupled.

Let me give you an example of how home automation has simplified my life. I started with a smart thermostat that monitors peak usage cost, and a smart irrigation system that can auto-dial water usage based on the weather. But the most compelling value comes from the humblest smart switches that turn legacy home devices on and off based on preprogrammed parameters.

The race has driven the cost to $4 a pop. Who wouldn’t find it compelling?

Before long, I have a gang of 20 smart switches invaded my home. Is IoT really a blessing?

Well, it is indeed as long as you put safety precautions around it. Otherwise, it can be a curse. According to the SonicWall Threat Report, it is the second most common attack after ransomware.

What makes the IoT devices so vulnerable is the fact the lack of security foundation. Let’s take a look at the smart switch vendors. At $4 a pop, they must rely on open source and unhardened firmware. Once released, it will never patch even when a vulnerability is discovered. Bringing these IoT devices into your environment is like putting a Trojan horse!

The security issue is so dire and the specter of IoT attacks continuing to explode exponentially, many legislative bodies opted to consider legislation strengthening cybersecurity on these IoT devices during the first half of 2021, including UK, US, Australia.

Governments are now involved. Yes, these are not private entities that usually coax the adoption of security measures through standards or best practices. IoT is indeed the new Wild West.

Shouldn’t you also be prepared?

How to secure IoT devices connecting to my network?

So, what steps can you take to make sure all your IoT devices can connect securely to your organization’s network? Here are three questions you should address:

  1. Can my firewall decrypt and scan encrypted traffic for threats?
    The use of encryption is growing both for good and malicious purposes. More and more, we’re seeing cybercriminals hiding their malware and ransomware attacks in encrypted sessions, so you need to make sure your firewall can apply deep packet inspection (DPI) to HTTPS connections, such as DPI-SSL.
  2. Can my firewall support deep packet inspection across all my connected devices?
    Now think of all the encrypted web sessions each IoT device might have. You need to make sure your firewall can support all of them while securing each from advanced cyberattacks. Having only a high number of stateful packet inspection connections doesn’t cut it anymore. Today, it’s about supporting more deep packet inspection connections.
  3. Can my firewall enable secure high-speed wireless?
    OK, this one sounds simple. Everyone says they provide high-speed wireless. But are you sure? The latest wireless standard is 802.11ac Wave 2, which promises multi-gigabit Wi-Fi to support bandwidth-intensive apps. Access points with a physical connection to the firewall should have a port capable of supporting these faster speeds. So should the firewall. Using a 1-GbE port creates a bottleneck on the firewall, while 5-GbE and 10-GbE ports are overkill. Having a 2.5-GbE port makes for a good fit.

So, What’s Next?

This post is also available in: Portuguese (Brazil) French German Spanish Italian

SonicWall Staff