October 31, 2022

A Cautionary Tale of IoT Security

Imagine this… you walk into work; you are the supervisor of an automated automotive production line for one of the largest global car manufacturers.  

Everyone from the last shift is still there. They are not packing up to go home; in fact, they are panicking. The production line has shut down, nothing is working, and computer screens along the production line display a ransom demand.

The IT team are frantically working to turn off the servers and unplug the WAN to save as many of your organization’s logs as possible and prevent any further physical damage to the hardware on the network.

A few weeks later, the forensic investigation revealed that a disgruntled employee had been paid by the Threat Actor to place some malware directly onto one of the IoT devices along the production line. This was possible because the device was still using a default password that had not been changed after installation.

As IoT devices, these machines do not have a digital user interface, meaning that they cannot be secured with traditional endpoint security solutions. The network logs were being monitored by the organization’s managed SIEM solution; however, this only allowed for alerting of suspicious and malicious activity to the company’s Managed Services Provider. Remediation and response capabilities were not available from the solution, as it did not have security measures specifically tailored to IoT devices.

With the production line disabled, the delivery of customer orders has been delayed, resulting in the cancellation of almost a quarter of orders on the books. Bad reviews from customers who have had to wait for their vehicles and increased media attention have resulted in a loss of reputation and a massive decrease in the company’s share price.

The overall impact of the business interruption has affected the revenue of the business, the livelihoods of those who work there and the reputation of the brand. 

But what could have been done to prevent this?  

By making sure that they had the right security in place to protect their IoT devices, the manufacturer would not have been subject to this level of jeopardy.

With the rise of automated production and the use of IoT devices to achieve it, it is imperative to make sure these devices are not connected to Wi-Fi networks using outdated passwords. Outdated passwords can allow hackers to access information that could compromise the security of customer or employee data.

Weak, default and stale passwords are the low-hanging fruit for hackers looking to attack and deploy large-scale botnets and other malware. Managing device passwords at scale is a daunting responsibility, especially since IoT devices do not typically have human operators to initiate a password change.

Device Authority offers a number of solutions to help protect your IoT network and prevent the exposure of your whole network to Threat Actors by properly securing your IoT devices, including automated certificate management, secure delivery of firmware updates, continuous assurance of the IoT devices on your network and encryption of each data payload.

To find out more about how our KeyScaler products can help to protect your organization from the threat of cyberattack, fill out the form below and one of our team will contact you with more information. 

Louise José