From pacemakers, to industrial thermostats, to traffic regulation devices, sensors are becoming as ubiquitous as the human population itself. Experts predict that 1 trillion networked sensors will be transmitting data around the world by 2022, emitting information from the mundane to the meaningful. By 2022, there will be 8 billion people on earth. Sensors will soon outnumber people and just about everything else. The problem is, many of these sensors have inadequate security.
Kevin Fu, a researcher with the University of Michigan, notes that sensors themselves are nothing new. In an interview with Security Ledger, he describes the current sensor situation:
“We’re surrounded by sensors and actuators.” While that’s been the case for a long time, the fact that these sensors are being connected and empowered to make autonomous decisions is a recent development.
Sensors present both a vulnerability and an opportunity
Each connected sensor represents a security threat if left undefended. For MSPs though, each sensor represents an opportunity. MSPs need to be transparent with clients about the security threats that sensors pose, the cost of not defending them, and the security options available.
SmarterMSP reached out to security expert Tom Dugas about sensor security and how to best defend sensors. Dugas is the Assistant Vice-President and Chief Information Officer at Duquesne University in Pittsburgh. The university has a robust tech program in a city increasingly noted for its cyberskills.
Each connected sensor represents a #security threat if left undefended. For MSPs though, each sensor represents an opportunity.
“Any device connected to a network or the internet can be a weak spot. They all run on software code that very often needs to be patched and updated based on vulnerabilities found in the design or development of the software,” suggests Dugas.
Patching is a topic we’ve covered extensively on SmarterMSP. As we have discussed previously, patching needs to stay current to be effective. However, sensors have other inherent risks beyond inadequate patching.
There’s no easy solution
According to Dugas, “Sensors are at risk because very rarely are there easy solutions to maintain and update, like what has been developed for corporate networks. So, it is often manual and time-consuming to manage them.”
Attackers can scan the internet for any opportunity to find a hole to exploit.
“If you are not designing your sensor networks with the appropriate controls, they can be susceptible for attacks and breaches,” adds Dugas.
MSPs need to form strong communicative relationships with their clients, so that the installation of new sensors is reported and logged. It’s more difficult to defend something if you don’t know about it.
Dugas recommends a robust defense for sensors. Some of his recommendations include:
- A defense-in-depth approach to network design. This allows you to overlay technologies and solutions to provide transparency and to avoid risks related to sensors. By allowing visibility into the network traffic and to add protections within and between the layers of a network, you have the opportunity to provide real-time monitoring of our environment through a SIEM.
- Use integrity monitoring and behavior-based tools which allow you to benchmark normal operations of your network and then to quarantine devices such as sensors that are not behaving normally.
- Layer your security to provide the least privilege access to services on a network, provide behavior-based intrusion detection/intrusion prevention system, gather threat intelligence, and have 24/7 monitoring of your environment.
- Layer network access controls (NACL’s) which includes secure VLAN’s that are designed to host single purpose needs in some cases such as a set of sensors. These network environments segment and isolate away various parts of a network from others that may be more risky areas and vice versa. You should also build in different thresholds that alert you if something is behaving differently.
News articles have been full of warnings about hackers being able to attack sensors, but are attacks actually common? Currently, hackers seem more interested in phishing attacks and ransomware, but sensors represent vulnerability, and recent incidents should serve as warnings.
A single sensor at a Las Vegas casino was hacked allowing outsiders to access a database of high rollers. Luckily, no credit card data was compromised. More alarming is that China was recently able to penetrate a US Navy contractor’s system and steal sensor data.
A segmented environment is critical in keeping sensors away from key enterprise planning databases.
“I firmly believe that MSPs should micro-segment computing environments and networks, so systems that don’t belong together in the same functional area are not used. This allows us to build tighter rules and controls for those areas and to watch it more closely for abnormalities,” states Dugas.
By keeping sensors relatively quarantined, you can limit your client’s exposure.
“Don’t allow them to talk to each other at all nor have the ability to exchange information. Keep the environment unique and controlled,” advises Dugas.
MSPs are best positioned to keep that control, so don’t ignore the inherent dangers — and opportunities — in sensors.
Photo: Mr.Suchat / Shutterstock