MS Windows和Pandora FMS中的事件，有沒有人給出更多？

Diving into Internet of Things Statistics

An Internet of Things (IoT) device simply means a device which can communicate back and forth with a central hub, mainly via WiFi but also using technologies such as SIM cards and radio frequencies. We are living in the age of digital connectivity, if it can have an IP address then you best believe it’ll have one assigned. From Samsung’s AI-powered Family Hub Smart Fridge which tells you what recipes you can make based on the ingredients inside, to Tesla vehicles with over-the-air updates for not only the software but also actual motor components (a 2018 update on the Model 3 to adjust the anti-lock algorithm which helped with braking distance).  

Consumer technologies aren’t alone when it comes to utilizing the Internet of Everything. Industries such as healthcare have their own use case. Internet of Medical Things (IoMT) such as smart sensors for monitoring patients’ vitals are an essential piece of equipment in modern healthcare facilities.  

The statistics back this growth: there are already more active IoT devices (10 billion) than people on earth. It’s expected that there will be over 30 billion total IoT devices by 2025, with the market value projected to reach $875 billion by that time. Every second over 100 new IoT appliances connect to the public internet. It’s so widely adopted that almost a third of the US population own a smartwatch. This sharp increase in devices has a clear effect on the global volume of data being transported, the graph below shows year to year growth.  

Cyber Threats & Vulnerabilities of IoT

As the Internet of Things rapidly grows, the cyber threats and associated risks continue to evolve and become increasingly complex with hackers coming up with new ways to breach devices and networks. Every organization should be aware of their own network attack surface, which is the totality of all vulnerabilities from connected devices and hardware. Each device poses a possible point of entry for an unauthorized user to gain access. Ideally you keep your attack surface as small as possible, making it easier to protect. But for some organizations, this simply isn’t a possibility, as there might be a need for thousands, if not hundreds of thousands of IoT sensors to report on key analytics.  

As mentioned earlier, the healthcare industry has a sizable use case when it comes to IoT devices. An issue with this is the cost associated with these complex pieces of equipment such as MRI scanners and X-ray machines. It simply isn’t feasible for these items to be upgraded regularly, which in turn leads to outdated and unsupported systems still playing a key role in the infrastructure. As an example, Windows 7 support was discontinued in January of 2020 after 10 years in operation, creating an untold number of vulnerabilities for organizations around the globe. According to a report from Palo Alto Networks cybersecurity division Unit 42, 83% of medical imaging devices are running unsupported operating systems.  

IoT devices suffer from a range of other vulnerabilities, including: 

• Weak/default passwords and settings: Back in 2016, the largest DDoS attack ever at the time was launched against the service provider Dyn using a botnet powered by IoT devices. Hackers used a piece of malware called Mirai, which after initially infecting a computer would continue searching for vulnerable IoT devices and use default usernames and passwords to login. These credentials can be found online easily, and if the network operator doesn’t change them, anyone can gain access. 

• Poor device security from the manufacturer: When a device communicates in plain text, all information that is being transferred can easily be intercepted via a Man-in-the-Middle attack. 

• Outdated IoT firmware: A large percentage of IoT devices use third-party libraries for their firmware, these can easily become outdated and with the lack of ability to update the firmware on some devices, this poses an issue. 

• Protecting your IoT Devices and Network: Network administrators need to realise that with these new devices they need to ensure they are keeping up with the essential security solutions. Strong passwords, firewalls and anti-virus software simply isn’t sufficient. The first step in protecting your IoT devices is to learn and understand what the most likely cyber threats are. Create a threat model which identifies, evaluates, and prioritizes potential vulnerabilities. Having a documented network is essential, a well-maintained network management system with advanced monitoring will massively help identify weak spots in the network.  

Basic IoT network security measures include:

• VLANs: Placing the IoT devices in their own VLAN with total segregation from the rest of the network. This doesn’t have to be anything overly complicated, just set some simple rules such as trusted and untrusted depending on how much faith you have in the device. E.g. A Nest smoke alarm can be placed in the trusted VLAN and have access to the internet but a cheap Chinese thermometer would go in the untrusted VLAN and not have access to anything else.  

• Static IPs: If it is possible to assign a static IP, definitely do so. This helps you to keep track of the device and can make troubleshooting a whole lot easier. Another benefit of this is helping with identifying new devices on the network. 

• MAC Address whitelisting: An easy way of ensuring only authorized devices can access your company network. But it is important to note that these can be easily spoofed. 

Advanced IoT security measures include:

• Modern Network Access Control (NAC): Traditional NAC solutions don’t scale well when it comes to IoT. Standard IEEE 802.1x security protocols are mostly incompatible with IoT devices. As mentioned above, MAC authentication can be spoofed. With NAC, network administrators are able to configure and enforce security policies and analyze device risk postures. 

• Automated configuration: Having an automated onboarding system in place for new devices is a smart idea. If your company has a large number of IoT devices, it can be easy for some to slip through the security configuration if done manually.  

• Device certificates: Using X.509 device certificates to manage the identity and security of devices adds another layer of security. These certificates play a key role in PKI-based security and serve as proof of device authenticity by authentication, encryption, and data integrity. 

• Secure API connections: APIs are commonly used to transfer data between applications and devices. This can give way to a whole host of cyber threats. It is essential that only authorized systems can communicate with the API. The use of tokens to establish trusted identities and provide access to the appropriate services is highly recommended.