From a comprehensive survey of IoT in the Enterprise to the latest vulnerability security cameras – these are all things that happened throughout the week in the field of Network Airspace Control and Protection (NACP).
The Connected Enterprise: IoT Security Report 2021
Palo Alto Networks released a few days ago their comprehensive report “The Connected Enterprise: IoT Security Report 2021”.
The report surveyed 1,900 IT decision-makers at organizations in 18 countries – United States, Canada, Brazil, United Kingdom, France, Germany, Netherlands, Middle East (comprising of UAE and Saudi Arabia), Spain, Italy, Ireland, Australia, China (including Hong Kong), India, Japan, Singapore, and Taiwan.
The bottom line
“According to the 2021 survey, 78% of IT decision-makers who have IoT devices connected to their organization’s network reported an increase in non-business IoT devices on corporate networks in the last year. Smart lightbulbs, heart rate monitors, connected gym equipment, coffee machines, game consoles, and even pet feeders are among the list of the strangest devices identified on such networks in this year’s study”.
Why is this significant?
Read that again: 78% of people in charge of the security of their network admit to having unmanaged, insecure (how secure can a gym equipment be…) wireless capable device connected regularly to their networks. These devices in fact act as Wireless Receptors that poke holes in the enterprise network security because of their ability to interact with wireless devices outside of the corporate network, aka Antenna for Hire.
While the report suggests better asset management as a step towards regaining control and security we’d like to stress that visibility per se is not enough. The respondents of the survey are AWARE of the connected device and to some extent are NOT denying their mere existence. What they need is a tool to control the interactions of these wireless capable devices with other devices in the corporate network airspace.
A NACP solution will map the corporate network airspace, identify corporate connected devices and control their interaction with potential Antenna for HireTM.
Vulnerable Dahua Cameras
As you explore the threats in the corporate network airspace, here’s a recent example of an Antenna for Hire – a Remote Code Execution (RCE) vulnerability was revealed on Dahua cameras. RCE vulnerabilities allow an attacker to remotely take complete control of a device.
The bottom line:
Thinking it’s difficult to find a vulnerable camera in the proximity of your network? Think again. Shodan search engine is a powerful tool that could be used by miscreants to find vulnerable cameras. It lets people look for Internet connected devices by type and location. In fact, its latest search for the Dahua vulnerability yielded 1.2 million results.
Thinking now that Dahua does not exist in America due to the US ban on this Chinese-based device? Think again. Not only do old versions exist (prior to the ban) but Dahua actually appears as part of US brands such as Honeywell and other brands that integrate some of Dahua’s software and hardware.
Why is this significant
Antennae for Hire act as the remote attacker’s vehicle. Once under the control of the attacker, the attacker searches for a Wireless ReceptorTM at a victim-corporate in its proximity and from there the digital airborne attack is on its way.
So, if someone tells you there are no vulnerable wireless devices in their vicinity, ask them what they think about the security camera of the office two floors up and send them this article.