Is the IoT Supply Chain Secure? Palo Alto Networks

Palo Alto Networks Unit 42 examined the current IoT supply chain ecosystem, analyzing its multilevel threats, weaknesses, and attack motivations.


New research from Palo Alto Networks shows that 89% of IT managers saw the number of IoT devices on their organization's network increase over the past year. This trend expands the attack surface, with IoT devices and IoT supply chains most at risk. Understanding the risks, and real-world examples at the level of hardware, firmware, operation and vulnerabilities, can help you develop effective risk control and mitigation strategies.

Why the IoT Supply Chain May Be Under Attack

When it comes to IoT supply chain attacks, the conversation is about software installed on a particular device, such as a router or camera, that may have been compromised with malware. But an attack can also involve a piece of hardware that has been installed or modified to change the behavior of devices. It is also important to consider supply chain vulnerabilities, where third-party software (such as libraries, drivers, kernels or hardware components) is installed or is part of specific components, such as an application or firmware.

A common mistake during the software development and design lifecycle of a device is to incorporate third-party software and hardware components without listing which ones have been added. As a result, when a new vulnerability is discovered in one of these components, such as a zero-day vulnerability (a vulnerability not explicitly known to the developer or the company that produced the system, ed.), it is difficult to know how many products from the same vendor are affected. Even worse, it can be difficult to determine how many devices in general, across different vendors and manufacturers, are affected by the vulnerability. Often, firmware installed on different devices uses unapproved libraries or components that are known to contain vulnerabilities. However, this firmware can still be used in production in many devices on the market.

How vulnerable are IoT networks?

From a user's perspective, it is difficult to know what components are inside an IoT device. These elements have inherent security properties that depend on other components, which in turn have security properties, and if any of these components were vulnerable, an attack could compromise the entire device. Moreover, users managing networks with IoT devices do not always have an inventory of the number of connected devices. As a result, keeping track of potentially vulnerable devices in an enterprise network turns security and risk management into a difficult task.

How to protect yourself

  • It is critical to maintain a list of devices connected to the network to identify them, and of vendors and manufacturers using a vulnerable component, so that the administrator can troubleshoot, monitor or disconnect them if necessary.
  • If the entire list of vulnerable devices is unknown, it is still useful to have complete visibility of those connected to the network: receiving a notification when one of them generates abnormal traffic is essential to protect your infrastructure.
  • Secure software development cycles should be implemented and integration of third-party libraries should be considered.
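To make the first two recommendations concrete, here is an added example (not from Palo Alto Networks or the original article) that joins a network device inventory with per-firmware component lists to find which devices, products and vendors ship a vulnerable component version. All vendor, product, component names, versions and addresses are constructed, and the version range is an assumed advisory.

```python
"""Added example: triage a device inventory against a vulnerable component."""

# Constructed per-firmware component lists; every name here is hypothetical.
FIRMWARE_COMPONENTS = {
    ("VendorA", "cam-fw", "2.1"): {"examplelib": "1.0.2", "netstack": "4.4"},
    ("VendorA", "router-fw", "5.0"): {"examplelib": "1.1.0", "netstack": "4.9"},
    ("VendorB", "sensor-fw", "1.3"): {"examplelib": "1.0.9"},
}

# Constructed network inventory: address -> firmware identity (None = unidentified).
DEVICES = {
    "10.0.0.11": ("VendorA", "cam-fw", "2.1"),
    "10.0.0.12": ("VendorA", "router-fw", "5.0"),
    "10.0.0.13": ("VendorB", "sensor-fw", "1.3"),
    "10.0.0.14": ("VendorC", "plug-fw", "0.9"),  # vendor published no component list
    "10.0.0.15": None,
}

def parse_version(text):
    """Turn '1.0.9' into (1, 0, 9) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def triage(component, first_bad, first_fixed):
    """Sort devices into affected / not_affected / unknown for one component."""
    low, high = parse_version(first_bad), parse_version(first_fixed)
    result = {"affected": [], "not_affected": [], "unknown": []}
    for addr in sorted(DEVICES):
        firmware = DEVICES[addr]
        components = FIRMWARE_COMPONENTS.get(firmware) if firmware else None
        if components is None:
            # No component list: cannot rule the device out, so watch its traffic.
            result["unknown"].append(addr)
        elif component in components and low <= parse_version(components[component]) < high:
            result["affected"].append(addr)
        else:
            result["not_affected"].append(addr)
    return result

def affected_products(component, first_bad, first_fixed):
    """List the (vendor, product, version) firmware behind the affected devices."""
    hits = triage(component, first_bad, first_fixed)["affected"]
    return sorted({DEVICES[addr] for addr in hits})

if __name__ == "__main__":
    # Assumed advisory: examplelib is vulnerable from 1.0.0 up to, not including, 1.1.0.
    print(triage("examplelib", "1.0.0", "1.1.0"))
    print(affected_products("examplelib", "1.0.0", "1.1.0"))
```

The "unknown" bucket is the case the second recommendation covers: devices with no component list cannot be cleared, so they are the ones to prioritize for abnormal-traffic alerts.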
