Randori named leader in Attack Surface Management in GigaOm ASM Radar Report

December 23, 2022

The Role of IoT Device Discovery and Security

By: Randori Blog

Share on facebook
Share on twitter
Share on linkedin

Since its invention in 1999, the internet of things has allowed end-point devices to communicate and collaborate across the planet in real-time. However, IoT technologies are prone to cyber-attacks. Luckily, IoT device discovery helps secure the IoT. 

What is The Internet of Things or “IoT”?

In the most basic of terms, the Internet of things is just that; it’s every physical device that is connected to the internet. If it has a chip or is considered “smart,” that item is part of the internet of things, otherwise known as the IoT. The IoT encompasses all smart devices, and we do mean ALL. Everything from hairbrushes, smartwatches, kitchen appliances, Industrial sorters, and weather vane data collectors; if it’s connected to the World Wide Web, it’s part of the IoT.

The real beauty of the Internet of Things is it allows devices to communicate and collaborate over huge distances. Gone are the days when each factory, office, and organization had to function within a closed system and physically carry information back and forth. Organizations across the globe can now have their devices updated in real-time. 

The application of the Internet of Things has changed the landscape of science, industry, consumerism, social life, and government. Scientists no longer have to hike into an active volcano to read measurements on data collectors. Instead, the data collectors send the information right to their cell phones, hundreds of miles away from any danger. The application of the IoT has been endless. So much so that much of the data transfer that happens around us, we don’t even notice or give a second thought. 

Three Main Areas of IoT Usage

All physical devices connected to the internet are the definition of the Internet of Things in the broadest sense. But it’s beginning to have a secondary meaning when it comes to systems that are interconnected via the internet and depend on the internet to wirelessly connect to each other within a system or with certain parameters. These systems could be on  a small or large scale. There are three areas of IoT technology where the application of The Internet of Things has been widely used. 

  • Consumer

If you think of your home as the parameter, in this case, every smart device you own is part of your own Internet of Things. This includes everything from wearable devices, smartphones, smart toasters, tablets, televisions, blow dryers, smart blankets, baby monitors, kitchen appliances, and children’s toys. If it’s in your home, connected to your internet, and powered on, it’s part of your very own IoT. 

  • Enterprise

On the other end of the scale, a large company’s Internet of Things could refer to all of its manufacturing equipment, computers, servers, alarm systems, safety systems, and data collectors across all of its multiple factories. Businesses make use of IoT technologies often, and in 2016, 25% of corporations relied on the Internet of Things for their day-to-day operations. That percentage has only increased exponentially in light of the global Covid-19 pandemic’s effect on businesses. More and more companies are turning to IoT technology solutions, not just for their usual device communication, but in order to maintain remote workers and hybrid offices. Some theorize that by the year 2025, we could see 75 billion devices using IoT technologies.

  • Public or Government Usage

Government or Public usage of IoT technology has always made people squirm from an ethical standpoint, but the actual applications are far from nefarious and typically streamline systems that have been hopelessly complicated up until IoT became widely available. Normally, public usage of IoT technologies centers around utility monitoring. For example, the City of New York installed a wireless water meter in every building within city limits. The wireless water meters eliminated the need for meter checks and sent water usage data straight to city servers. This was one of the largest public uses of IoT technology and included over 800,000 devices within its system. 

Similarly, city, state, and federal governments have used IoT technology to regulate things like gas emissions, water levels in drought-prone areas, sewer effectiveness, and water quality. Cities are now able to detect water contamination much faster than in previous decades, saving many citizens from contamination. 

IoT Technologies and Cybersecurity

Though the areas mentioned above are some of the largest applications of IoT technology; there are hundreds of other areas where the internet of things is invaluable. Cybersecurity industries have also found applications, and pitfalls, in the use of the Internet of Things.

  • Lots of Data Transfer, Lots of Vulnerability

The Internet of Things was a world-changing invention; however, since its creation in 1999, the IoT has posed a significant security and privacy issue. Every device on the Internet of Things can become a potential security issue. Smart devices are designed to continually gather data and communicate back and forth with other devices. There are two main areas where the cybersecurity threat in IoT technologies is especially apparent. 

  • Consumer

Let’s say the toothbrush tracks your brushing habits, how long you brush, when, and where. The toothbrush records all that data and then communicates it through your wireless internet router and your internet server, which then relays it to multiple points, including a satellite (most likely). Then the data is transferred to the toothbrush company’s servers to be analyzed and organized for the consumer to read. And then, the data is communicated via the application on your cell phone. 

That is a lot of data transfer for one small, menial part of your morning routine. Each data transfer, communication, and connection between devices is a potential vulnerability that cyber threat hackers and other ill-intended entities could exploit. 

While the data collected about your oral hygiene may seem innocuous, most applications connected to smart devices store information like your email, login info, credit card info (especially if your smart device has a subscription), and physical address. Even with smart devices that you don’t have to provide any personal information, the application is a potential gateway onto your mobile device or your wireless internet system. Once connected to either device, cyberterrorists have a plethora of personal data at their disposal. 

  • Enterprise/Public

When IoT technology is unprotected on the industry or public scale, the use of IoT technology becomes a serious security issue waiting to happen.  Cyberthreat hackers can potentially hijack systems, devices, and machines or shut down public works and demand ransoms. They could infiltrate government offices and mine sensitive data, leading to identity theft and possible threats to national security.  Enterprise and Public works attacks are only projected to go up. 

Telnet Remote Access Protocol

Unfortunately, the cybersecurity threat to enterprise and public works isn’t just theoretical. In the first half of 2021 alone, 1.51 billion IoT data breaches occurred. All of these attacks used the telnet remote access protocol. This protocol is the backbone of IoT technologies and improves upon HTTP and FTP need for end-user approval for data transfer. Telnet automates communications and allows systems to communicate back and forth as needed. It’s an extremely useful protocol and widely used.  There has been a significant increase in IoT cyberattacks using Telnet remote access protocol during the last five years, peaking during the wind-down of the Covid-19 pandemic.  This coincides with the ever-increasing amount of businesses and organizations moving to fully remote or hybrid office settings. 

Cybersecurity and IoT Device Discovery

While the vulnerabilities of IoT technologies sound terrifying, there is good news. Cybersecurity companies have been working to mitigate these threats for decades and have even used the Internet of Things framework to create a secure network. 

IoT device discovery is the most efficient way to protect IoT technologies from being breached by cyberattacks. The practice of IoT device discovery provides the framework that allows more specific security protocols to function. IoT device discovery is an automated system to onboard, vet, and analyze each endpoint device that connects to it. Information technology departments can then specify what endpoint devices are part of their IoT network and which are potential threats. This allows IT and security departments to see what devices interact with their networks by placing automated gatekeepers when unknown devices try to sign in to the network. 

  • IoT Device Discovery and Industries/Public Works

When it comes to many types of industry and public works, IoT device discovery is pretty straightforward. These companies, organizations, and government entities are not interacting with consumers and therefore don’t have a constant influx of new devices trying to onboard to their network. 

The IT department can set strict parameters around its network that only allows for certain types of devices with access tags attached to their IP address. It can also keep track of and monitor the number and type of devices in its network. Only pre-approved devices are allowed onto the network. New devices have to be registered and assigned access tags. It’s very similar to having a physical key card to get into your office building, but the key card is a digital code attached to your device. 

Simple IoT Device Discovery protocols also come in handy in industry settings where only so many devices should be active on the network. If a new device appears, IoT device discovery flags the device, can quarantine it, and instantly alert their cybersecurity teams. 

  • IoT Device Discovery and Consumer Interaction

IoT device discovery becomes much more complicated as soon as consumer interaction is involved. This pertains to all areas of IoT technological applications like entertainment, research, healthcare, consumer-facing enterprise, consumer products, and government/public works. In organizations like this, there are countless end-user devices constantly accessing networks. For example, public Wi-Fi, smart devices, and GPS systems. When dealing with varying numbers of devices and no stable parameters, you need a more dynamic version of IoT device discovery software. 

  • IoTVAS NSE Script

    IoTVAS is short for IoT vulnerability assessment solution and is a more advanced form of IoT device discovery. This system helps enterprises and organizations vet their end-user devices more thoroughly by analyzing device inventories. IoTVAS then reads the ‘fingerprint’ of the devices by identifying the device by using one of several device features. These features can include the HTTP and HTTPS services or raw response of the device web server, a Telnet service banner, or an optional MAC (Media Access Control) on the device’s network interface.

    IotTVAS is a versatile form of IoT device discovery because it can be layered on top of existing cybersecurity protocols like network port scanners, asset management, and scanning tools. It actually functions best when properly integrated into a robust, preexisting IT asset management program, as the program alone doesn’t deal with devices they have on-boarded into a network.

The Internet of Things: Made Safe Through IoT Devices Discovery

As the world of cyberthreat and data breaches evolves, so will cybersecurity industry professionals who strive to mitigate and repel cyber attacks. Since 1999, the Internet of Things has been bringing devices together, pushing enterprises and STEM pursuits to places humanity could only have dreamt of in the not-so-distant past. As IoT technologies take their next steps into future applications and industries, the IoT Device Discovery protocol will continue to shield it from potential threats. 

Are you worried about the threat cyber attacks pose to your organization or business? Randori can help bring your cybersecurity posture into the future. Click HERE to read more about how we can help. 

Gain an Attacker's Perspective

Uncover your true attack surface with the only ASM platform built by attackers. Stay one step ahead of cyber-criminals, hacktivists and nation-state attackers, by seeing your perimeter as they see it.