“Everything is becoming a computer… If it’s smart, it’s vulnerable.”
– Mikko Hypponen, Chief Research Officer at F-Secure
The enterprise attack surface of today has quickly evolved beyond traditional endpoints as hundreds of new, smart xIoT devices connect to the internet every second. This creates a growing attack surface made up of billions of new IoT, OT, and Network Devices – easy targets for hackers and nation-states to exploit.
The infographic below breaks down, defines, and summarizes xIoT across multiple topics, including:
- xIoT devices and device types
- Common xIoT vulnerabilities and pain points
- Recent xIoT attacks
- Legacy vs. Phosphorus xIoT security
- How to go beyond the FIND to also FIX and MONITOR xIoT devices
AN EXPLODING NUMBER OF IoT AND OT DEVICES
The sheer number of global xIoT devices needing security is surprising, especially when compared against the number of cloud servers and desktop computers that need to be secured. It is estimated that xIoT devices outnumber worldwide cloud servers and desktop computers by an order of magnitude.
And what are xIoT devices? xIoT refers to what we call the “xTended” Internet of Things. This xTended IoT category spans Enterprise IoT devices (cameras, printers, and door controllers), OT devices (like PLCs, HMI’s, and robotics) and Network devices (like switches, WiFi routers, and NAS).
MORE THINGS MEAN MORE VULNERABILITIES
xIoT security issues are compounded by the sheer quantity of xIoT devices in customer environments. Our analysis indicates that most organizations have about five IoT devices per employee. More than 50% of IoT devices have known vulnerabilities or default passwords, with 20% of these vulnerabilities being critical CVEs (CVSS score of 9 or above).
Recent advanced threats include the QuietExit attack, ‘RSOCKS’ Botnet, SCADA malware attacks, and the HikVision camera exploit, to name a few. As well, Phosphorus Cybersecurity™ has recently observed hackers exploiting vulnerable IoT systems – including door controllers and camera systems – to launch ransomware attacks inside US company networks.
GOING BEYOND THE FIND TO ALSO FIX AND MONITOR xIoT
By leveraging our ability to communicate with billions of xIoT devices, Phosphorus has developed a completely new approach to xIoT security that other vendors thought was not possible or too complicated. Before Phosphorus, there was no security solution that could provide full visibility of the complete xIoT asset inventory and provide comprehensive Attack Surface Management, Hardening and Remediation, and ongoing Detection and Response for every connected ‘Thing.’
We spent years developing an abstraction layer and platform that can safely speak to any xIoT device by communicating in the device’s unique and native language. This is not only very difficult, but imperative, as you cannot secure/manage/remediate/harden xIoT devices if you cannot communicate with and identify them.
The Phosphorus Enterprise xIoT Security Platform integrates seamlessly with existing network systems and includes these patented functionalities:
- Asset Discovery
- Posture Assessment
- Credential Hardening
- Remediation and Patch Management
- Detection and Response
I’ve tried to make the infographic simple and fun, outlining how we define, discuss, and secure the exploding xIoT landscape. Much more that I’ll cover in future blogposts and infographics, but I encourage you to schedule a demo anytime to see for yourself and learn more.