1
00:00:00,05 --> 00:00:02,02
- [Instructor] The number of Internet of Things

2
00:00:02,02 --> 00:00:05,01
or IoT devices is growing rapidly

3
00:00:05,01 --> 00:00:08,00
and so are the related threats when they're deployed

4
00:00:08,00 --> 00:00:09,09
in an unsecure way.

5
00:00:09,09 --> 00:00:12,03
The good news is there are some straightforward steps

6
00:00:12,03 --> 00:00:14,04
you can take to protect your organization

7
00:00:14,04 --> 00:00:17,09
from the threat of unmanaged IoT devices.

8
00:00:17,09 --> 00:00:19,05
It's important to understand though

9
00:00:19,05 --> 00:00:22,07
that some IoT devices are so poorly designed

10
00:00:22,07 --> 00:00:25,02
that they may be challenging to secure.

11
00:00:25,02 --> 00:00:26,00
For instance,

12
00:00:26,00 --> 00:00:29,04
they might not allow you to change default passwords.

13
00:00:29,04 --> 00:00:30,06
So we'll start by looking

14
00:00:30,06 --> 00:00:33,02
at a few effective security actions you can take

15
00:00:33,02 --> 00:00:34,05
at the network level

16
00:00:34,05 --> 00:00:38,05
even if the IoT devices themselves are hard to secure.

17
00:00:38,05 --> 00:00:42,00
First, you should conduct an IT asset inventory,

18
00:00:42,00 --> 00:00:45,03
run network scans like Nmap to know which systems

19
00:00:45,03 --> 00:00:47,02
and devices are on your network.

20
00:00:47,02 --> 00:00:49,04
This will help you identify IoT devices

21
00:00:49,04 --> 00:00:51,01
you may not have known about.

22
00:00:51,01 --> 00:00:53,05
Investigate any that seem out of the ordinary

23
00:00:53,05 --> 00:00:56,06
and remove any unauthorized devices.

24
00:00:56,06 --> 00:00:59,03
Second is network segmentation.

25
00:00:59,03 --> 00:01:02,04
Now that you have an inventory of your network assets,

26
00:01:02,04 --> 00:01:03,09
the next step is to identify

27
00:01:03,09 --> 00:01:06,05
which ones are your critical information assets

28
00:01:06,05 --> 00:01:08,05
and where they are in your network.

29
00:01:08,05 --> 00:01:11,02
Use your routers and switches to segment your network

30
00:01:11,02 --> 00:01:14,02
and isolate your critical assets from IoT devices

31
00:01:14,02 --> 00:01:15,09
as much as possible.

32
00:01:15,09 --> 00:01:17,08
Finally, block ports.

33
00:01:17,08 --> 00:01:20,06
Figure out which network ports the IoT devices need

34
00:01:20,06 --> 00:01:24,02
and block traffic at the firewall for any other ports,

35
00:01:24,02 --> 00:01:26,08
especially block Telnet port 23

36
00:01:26,08 --> 00:01:29,00
unless it's absolutely required.

37
00:01:29,00 --> 00:01:30,02
Telnet was the protocol

38
00:01:30,02 --> 00:01:33,03
that the Mirai attack software used to compromise hundreds

39
00:01:33,03 --> 00:01:35,08
of thousands of IoT devices.

40
00:01:35,08 --> 00:01:39,07
Some IoT devices on the other hand are easier to secure.

41
00:01:39,07 --> 00:01:40,07
If that's the case,

42
00:01:40,07 --> 00:01:43,04
then at a minimum implement the following.

43
00:01:43,04 --> 00:01:46,02
Change default passwords when possible.

44
00:01:46,02 --> 00:01:48,01
This is easily the most important way

45
00:01:48,01 --> 00:01:50,02
you can protect your organization and data

46
00:01:50,02 --> 00:01:53,01
from attacks against your IoT devices.

47
00:01:53,01 --> 00:01:56,01
Attackers know the most common IoT default passwords

48
00:01:56,01 --> 00:01:59,00
and will use them to compromise your devices.

49
00:01:59,00 --> 00:02:01,05
Changing the default password keeps these attacks

50
00:02:01,05 --> 00:02:03,03
from being successful.

51
00:02:03,03 --> 00:02:06,01
Next, configure strong security, if possible.

52
00:02:06,01 --> 00:02:08,01
Practice the least privilege principle

53
00:02:08,01 --> 00:02:10,06
and only give the device and accounts that access it

54
00:02:10,06 --> 00:02:14,02
the ability to do what they should be doing and no more.

55
00:02:14,02 --> 00:02:15,09
Set restrictive security controls

56
00:02:15,09 --> 00:02:18,07
on the device itself if that's an option.

57
00:02:18,07 --> 00:02:22,02
And third, install software updates and patches.

58
00:02:22,02 --> 00:02:25,01
If the manufacturer is supporting their IoT devices

59
00:02:25,01 --> 00:02:27,09
with periodic software updates and patches,

60
00:02:27,09 --> 00:02:30,06
make sure you install them in a timely manner.

61
00:02:30,06 --> 00:02:32,09
They may include important security fixes

62
00:02:32,09 --> 00:02:36,07
that will help protect your IoT devices from attacks.

63
00:02:36,07 --> 00:02:39,02
The Open Web Application Security Project

64
00:02:39,02 --> 00:02:43,00
or OWASP published the IoT Top 10, which is a list

65
00:02:43,00 --> 00:02:46,09
of the key vulnerabilities to avoid when building,

66
00:02:46,09 --> 00:02:50,03
deploying, or managing IoT systems.

67
00:02:50,03 --> 00:02:53,05
If you're responsible for securing IoT devices,

68
00:02:53,05 --> 00:02:55,00
I recommend reviewing this list

69
00:02:55,00 --> 00:02:57,04
to make sure you've protected against all

70
00:02:57,04 --> 00:02:59,05
of these vulnerabilities.

71
00:02:59,05 --> 00:03:02,04
By implementing these and the other protections I covered

72
00:03:02,04 --> 00:03:05,07
in this video, you'll significantly reduce your exposure

73
00:03:05,07 --> 00:03:09,00
to the threat of unmanaged IoT devices.