Count your devices before they are hacked

metoc15411 · Post by **metoc15411** » Thu Jan 23, 2025 5:40 am

If you don’t know what’s connected, you can’t protect it. That’s why “ understanding which devices are connected and what they’re doing is essential to proper security,” as Michel Drolet argued in Network World. Ken Munro of Pentest Partners believes that even something as simple as “ walking the floor ” to find out what devices are connected to the internet is a good idea.

You want your inventory to be visible so you know what items are vulnerable to hacking. This visibility is similar to Molly Weasley's watch in the Harry Potter books, which tells her where her children are and whether they are in trouble.

Why wasn't Ginny's spoon in the "mortal danger" section when she wrote in Voldemort's diary in the Chamber of Secrets?
Why wasn't Ginny's spoon in the "mortal danger" section when she wrote in Voldemort's diary in the Chamber of Secrets?

There are companies that can help you achieve this kind of visibility. Cyber-X offers XSense, a software platform that can monitor all of your connected devices and alert you to potential attacks in real time. Cyber Defense magazine named CyberX X Sense a “ Best Product in ICS/SCADA Security Solutions ” last March, and the company was also named one of Gartner’s 2015 “ Cool Security Vendors for Technology and Service Providers .” High praise indeed.

3. Use secure networks and hosting.
Make sure your network is secure. Some experts go so far botim database as to recommend creating a separate network to prevent potential hackers from " accessing shared files or network devices ."

Network segmentation is another strategy for securing your IoT devices. Network segmentation breaks the network your devices send information over into different zones. If a device in one of these zones is attacked, the attack will be limited to at least that zone. Gartner research predicts that “network segmentation and isolation solutions will account for 33% of all IoT security spending through 2020,” so it’s an option worth exploring. This article from Network World outlines the five basic steps of network segmentation, and this paywalled Gartner study can take you one step further.

4. Use a firewall.
If you’re not using a firewall, you should be using one. Firewalls prevent hackers from communicating with your IoT devices. IEEE Spectrum’s Alan Grau describes them as “ gatekeepers” blocking traffic that shouldn’t be allowed to pass . “ Firewalls are like the TSA or customs agents who screen luggage and people when they enter a country. Even the policies programmed into firewalls, called whitelists, are like the TSA’s lists of what you can and can’t bring into the country.

One way to protect your devices, especially if you're using older technology, is to add a "punch in the wire" by purchasing and using " a small, dedicated hardware and software component that sits between the IoT device and the internet." Such devices are available from companies like Grau's, Icon Labs , a version of which is called Floodgate Defender . You can also check out similar products from Tofino Security . Think of it as hiring a contractor to do your border patrol work for you.