https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
    • MSP 501 Information Center
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Best Practices


IoT Security

IoT Insecurity: 6 Common Attacks and How to Protect Customers

Can you help customers cope with threats to new technology?
ShieldX Networks' Manuel Nedbal

Manuel Nedbal

By Manuel Nedbal, Founder & CTO, ShieldX Networks

You’ve seen the explosion in connected devices and IoT technologies ranging from smart homes to drones and even autonomous bots. Gartner says there will be more than 20 billion IoT devices in the wild by 2020, as enterprises rapidly adopt connected devices for better process control and to improve their bottom and topline growth. Billions of connected devices will revolutionize how data is processed and consumed, but don’t underestimate the associated security risks for your customers.

Imagine a SMART bulb or HVAC unit in a secure network operation center beaconing its own radio protocol. Connected devices like these provide back doors for an attacker who might be sitting in the parking lot or building, one that might allow access to an otherwise secure environment. Because traditional security controls and network-security devices are not designed to detect and mitigate these types of threats, IoT devices pose a serious risk to enterprise infrastructure if they aren’t properly managed. Partners need to figure out how to help.

Common IoT Attacks

Our ShieldX Labs team has performed detailed analysis of IoT device threats and vulnerabilities. The following list outlines the most common attacks we’ve seen on IoT devices.

  • Privilege escalation: Attackers are exploiting IoT device bugs, design flaws and operating-system or software-application-configuration oversights to gain elevated access to resources that are normally protected from an application or user.
  • Eavesdropping: If a weakened connection between an IoT device and server is found, an attacker might be able to intercept network traffic and steal the possibly sensitive information that IoT devices transmit over enterprise networks.
  • Brute-force password attacks: Due to the weakness of most IoT device passwords, brute-force attacks can be effectively used to gain access to the device.
  • Malicious node injection: Using this method, attackers physically deploy malicious nodes in between legitimate nodes in an IoT network. The malicious nodes can then be used to control operations and snoop on the data flowing between linked nodes.
  • Firmware hijacking: If firmware updates downloaded by an IoT device are not checked to make sure they originate from a legitimate source, it’s possible for an attacker to hijack the device and download malicious software.
  • DoS: Hackers are increasingly turning to denial-of-service (DoS) attacks to take companies offline or steal their sensitive data. It has been reported that DDoS attacks increased 91 percent in 2017 thanks to IoT.
  • Physical tampering: Physical threats exist if devices are deployed in environments where it is difficult for the enterprise to control the device and the people who can access it. As the explosive expansion of IoT continues, I expect to see even more sophisticated attacks emerge. I expect that attackers will begin to use compromised IoT devices to move laterally inside a network and bypass a variety of security controls, then pivot to move deeper inside the network. Additionally, IoT devices will be used as an exfiltration route that will allow attackers to send sensitive information to themselves.
The Challenge of IoT Threat Mitigation

All of the IoT attacks listed in the section above are difficult to detect because …

  • Page 1
  • Page 2
  • Page 3
Tags: Agents Best Practices Cloud Data Centers IoT Security

Most Recent


  • Making Waves
    7 Channel People Making Waves This Week at Datto, New Relic, Kyndryl, More
    Our No.1 story was a video segment highlighting IBM.
  • Fireworks
    Cybersecurity Experts: July 4th Weekend Ripe for Ransomware, Other Attacks
    Russia definitely has motivation to exploit the July 4th holiday in some way.
  • Old job new job
    New Pure Storage EMEA Channel Leader Details Jump from Veritas
    Geoff Greenlaw says he wanted to join a high-growth company after 18 years at Veritas.
  • Unemployed, laid off
    Qumulo Confirms Layoffs, Citing Economic Conditions, Reaching Profitability
    Qumulo has raised $351 million in funding at a valuation of more than $1.2 billion.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Ransomware skull and crossbones
    JBS Did What it 'Needed to Do' with $11 Million Ransom Payment
  • Cloud Certification
    CompTIA Updates Cloud+ Certification, Drops New AI Guide for Businesses
  • White House
    White House to Private Sector SMEs: Get Serious About Cybersecurity
  • Stressed young people
    More Partner Pain Points: MSPs On Lack of End-to-End Security, 'New Normal'

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

7 Channel People Making Waves This Week at Datto, New Relic, Kyndryl, More

July 1, 2022

Cybersecurity Experts: July 4th Weekend Ripe for Ransomware, Other Attacks

July 1, 2022

Images: HPE Discover 2022 Expo Hall Featuring Microsoft, Ingram Micro, VMware

July 1, 2022

Industry Perspectives

View all

How to Make Embracing Change Part of Your Company Culture

July 1, 2022

How to Differentiate to Leverage 5G’s Revenue Opportunity

June 28, 2022

Why MSPs are Attractive Cyberattack Targets

June 24, 2022

Webinars

View all

VEP Platform for Delivery of uCPE, SD-WAN and SASE

June 29, 2022

The Digital Worker: How to Empower Customers with a Flexible, Scalable VDI Solution to Enable Remote Work

June 30, 2022

Growing Partner Revenue and Customer Satisfaction with Power Management Services

June 23, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

May 6, 2022

Twitter

ChannelFutures

Channel people making waves this week include: @jpdepa3rd, @RiyaShanmugam, @sandyhogan dlvr.it/STCM6S https://t.co/oVB86ztTtP

July 1, 2022
ChannelFutures

#Cybersecurity experts say July 4th weekend ripe for #ransomware, other attacks. @blumirasec @Netenrich @Vectra_AI… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

New @PureStorage #ITchannel leader details jump from Veritas. dlvr.it/STBsLB https://t.co/BFSmZ5ubff

July 1, 2022
ChannelFutures

New Pure Storage EMEA Channel Leader Details Jump from Veritas dlvr.it/STBrPQ https://t.co/LjFXo6FbVF

July 1, 2022
ChannelFutures

.@qumulo latest channel business to confirm layoffs impacting 80 workers. #storage dlvr.it/STBh1L https://t.co/hE10wBA3ka

July 1, 2022
ChannelFutures

Ranking on the #MSP501 isn't just an industry accolade... it brings pride to each company and their team. Congratu… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

Company culture is ever changing in today's society - here are ways to embrace that change with @coxbusiness… twitter.com/i/web/status/1…

July 1, 2022
ChannelFutures

#HPEDiscover expo hall images. Featuring @IngramMicroInc @msPartner @Veeam @Commvault and more.… twitter.com/i/web/status/1…

July 1, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X