IoT devices have long been an integral part of the technological and production processes of many modern companies. They\u2019re used in industrial facilities, in smart buildings, and in everyday office life. However, their security has always raised concerns; especially considering that many devices require access to remote systems via the internet \u2014 for firmware updates, monitoring, or management. In fact, the introduction of IoT devices into corporate infrastructure greatly increases the attack surface, abut there\u2019s no way to equip every device with protective technologies.<\/p>\n
In general, an unprotected network device can become a foothold for further attacks on corporate infrastructure. There are some search engines that can scan ranges of IP addresses according to given parameters (analogues of the Shodan system). In theory, these are tools for researchers, but in fact they are often used by cybercriminals too, who can search for vulnerable or simply outdated IoT devices connected to the internet. Then everything depends on the intentions of the attackers and the specific weaknesses of the given IoT device \u2014 sometimes criminals try to seize control through the web interface, sometimes slip in a fake firmware update, or sometimes they simply disable the device. IoT botnets are doing something similar: infecting many IoT devices and then using them for DDoS attacks.<\/p>\n
Another possible malicious use of IoT devices is spying. Last year, a group of hackers gained access to 150,000 IP cameras<\/a> in companies, hospitals, schools, police stations and even prisons, and went on to release some of the video footage they had accessed therefrom. This incident shows well how easy it is to look into the premises of sensitive organizations. But espionage is not limited solely to cameras \u2014 attackers can try intercept data streams from a variety of devices (for example sensors of one kind or another).<\/p>\n Industrial Internet of Things (IIoT) devices present an even more severe problem. The potential interference in the production processes of a critical infrastructure facility could lead to catastrophic consequences for both the given company and the environment.<\/p>\n In order to secure the entire fleet of IoT or IIoT devices used in your company from cyberthreats, it\u2019s not at all necessary to fully isolate yourself from the internet. Instead, those devices\u2019 communication with cloud services can be organized through a specialized security gateway. Recently, we presented to the world such a solution \u2014 the Kaspersky IoT Secure Gateway 1000.<\/p>\n Our gateway is able to protect IoT devices from network attacks, DDoS, MitM attacks, and other malicious activity. Kaspersky IoT Secure Gateway 1000 is built as part of our cyber immunity strategy based on our own secure operating system \u2014 KasperskyOS \u2014 thanks to which it is itself reliably protected from outside interference.<\/p>\n You can learn more about the principle of cyber immunity and using KasperskyOS in our Best Practice Cyber Immunity 2022 whitepaper<\/a>. There you can also find several real-world cases of Kaspersky IoT Secure Gateway 1000\u2019s usage for protection of critical infrastructure.<\/p>\n Kaspersky IoT Secure Gateway 1000 is managed through the Kaspersky Security Center console, which allows network administrators to view all security events and provides specialists with information about running IoT devices. It supports the Syslog and MQTT protocols to send events to external monitoring systems and cloud platforms \u2014 including Microsoft Azure, Siemens MindSphere, AWS, IBM Bluemix and others. Detailed information about the device itself, as well as about other Kaspersky cyber-immune developments, can be found on the Kaspersky IoT Infrastructure Security page<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Cyber immune gateway that can shield IoT and IIoT devices from cyberthreats.<\/p>\n","protected":false},"author":2581,"featured_media":44775,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3051],"tags":[205,1058,729,794,2505],"class_list":{"0":"post-44774","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-botnets","10":"tag-ddos","11":"tag-espionage","12":"tag-iot","13":"tag-kasperskyos"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/iot-protection-ksig1000\/44774\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/iot-protection-ksig1000\/24342\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/iot-protection-ksig1000\/19809\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/iot-protection-ksig1000\/26705\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/iot-protection-ksig1000\/24643\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/iot-protection-ksig1000\/25008\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/iot-protection-ksig1000\/27379\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/iot-protection-ksig1000\/27006\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/iot-protection-ksig1000\/33444\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/iot-protection-ksig1000\/19140\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/iot-protection-ksig1000\/19671\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/iot-protection-ksig1000\/28962\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/iot-protection-ksig1000\/25201\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/iot-protection-ksig1000\/30706\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/iot-protection-ksig1000\/30455\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/iot\/","name":"IoT"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44774","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=44774"}],"version-history":[{"count":8,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44774\/revisions"}],"predecessor-version":[{"id":44806,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44774\/revisions\/44806"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/44775"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=44774"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=44774"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=44774"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}How to protect IoT devices<\/h2>\n