How SonicWall Can Protect Businesses From IoT-Related Attacks
The explosion of the Internet of Things means there are more devices coming online, including within corporate networks, more than ever before. And that means the attack vector for hackers and other bad actors has expanded significantly.
In a talk delivered Wednesday at The Channel Company's IoTConnex virtual conference, SonicWall Senior Security Engineer Rob Krug detailed how something as innocent as connecting a smartphone to a wireless network can expose a business to a cyberattack and how SonicWall can help prevent them.
When it comes to defining IoT, Krug said it can range from common devices, like laptops and phones, to newer kinds of devices, like wearables and smart home appliances.
[Related: Intel, Arm Team Up To Simplify Secure IoT Device Onboarding]
Many IoT devices, according to Krug, "have simplistic and easily exploitable operating systems" and may also rely on Wi-Fi or Bluetooth, which can be exploited as well.
As one example, Krug pointed to the 2016 Mirai botnet, which took control of thousands of poorly secured web cameras and launched a massive DDoS attack against a large group of websites and services, including Twitter, Amazon and Netflix.
"Because of the vastness of the IoT attack surface, the potential for a breach increases exponentially with the increase in connectivity," Krug said.
This means that businesses not only have new classes of devices that can be attacked but also new vulnerabilities that can increase the likelihood of an attack.
To illustrate how IoT devices can threaten corporate networks, Krug illustrated three common scenarios: an employee connecting an infected smartphone or IoT device to a business' Wi-Fi network; an employee plugging an infected smartphone or IoT device into a workstation; or an employee using a VPN to connect an infected laptop or tablet to the corporate network.
In all three scenarios, Krug said the infected devices can transmit malicious code to adjacent devices or the gateway, which then can ripple out to other devices on the network.
Krug said the common nature of these threats means it's important for network administrators to "deploy a true automated real-time threat prevention solution," which SonicWall can offer.
SonicWall's offerings include a firewall that provides encrypted connections and the ability to deploy advanced SD-WAN configurations, a virtual firewall or virtual web application firewall, a cloud-based or on-premises real-time threat prevention solution, secure mobile access appliances, SonicWave access points and the SonicWall Capture Client for endpoint protection.
All of the offerings then wrap into SonicWall's Capture Security Center, which serves as single-pane-of-glass web portal that provides complete control, management, reporting and analytics of the entire SonicWall deployment.
Krug said in the case of the employee's infected device connecting to a wireless network, a SonicWall firewall and SonicWave access point can detect malicious code attempting to traverse the network and prevent the connection. For the employee's infected device being plugged into a workstation, SonicWall's Capture Client can prevent the exploit as well as notify network administrators of the detected threat. As for the VPN connection from an infected device, Krug said a SonicWall appliance with real-time deep memory inspection technology can detect the exploit, prevent it from moving into the network and alert administrators of the attack.
"In order to meet this challenge, network admins have to have a security solution that is able to inspect every vehicle of communication, including emails, browsers, files, and applications across any traffic, encrypted or unencrypted," Krug said.
Rod Bledsoe, vice president of technology of Holly Hill, Fla.-based ACNS Technologies, one of CRN’s 2018 IoT Innovators, said the exponential growth of IoT means that many businesses don’t realize all the new devices that are coming onto their networks. That has become a new area of sales expansion for ACNS, Bledsoe said, with the solution provider’s health-care customers, for example, that have to consider compliance issues with devices.
“We can go in and help them maintain their HIPPA compliance by taking care of those IoT issues,” he said.
DIANA BLASS contributed to this story.