– Healthcare organizations are increasingly deploying Internet of Things (IoT) devices to improve employee productivity and patient care. However, those same devices are being targeted by cybercriminals, warned the FBI in an August 2 public service announcement.
These cybercriminals are searching for and compromising IoT devices to use as proxies for internet request to route traffic for cyberattacks and network exploitation, the PSA warned.
IoT devices that are being targeted include connected medical devices, routers, wireless radio links, time clocks, streaming devices, IP cameras, smart garage door openers, and network-attached storage devices.
“IoT proxy servers are attractive to malicious cyber actors because they provide a layer of anonymity by transmitting all Internet requests through the victim device’s IP address…. Cyber actors use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic,” the FBI said.
Cybercriminal use compromised IoT devices to send spam e-mails; maintain anonymity; obfuscate network traffic; mask Internet browsing; generate click-fraud activities; buy, sell, and trade illegal images and goods; conduct credential stuffing attacks, which occurs when cyber actors use an automated script to test stolen passwords from other data breach incidents on unrelated web-sites; and sell or lease IoT botnets to other cyber actors for financial gain.
Some of the things that attackers look for in vulnerable IoT devices include weak authentication, unpatched firmware or other software vulnerabilities, and/or default usernames and passwords.
Organizations should look for indicators of compromised devices, such as a major spike in internet use and charges, devices or internet connections running slow, and unusual outgoing traffic.
To protect against attackers compromising IoT devices, the FBI recommended that organizations:
- Reboot devices regularly, as most malware is stored in memory and removed upon a device reboot
- Change default usernames and passwords
- Use anti-virus regularly and ensure it is up to date
- Ensure all IoT devices are up to date and security patches are incorporated
- Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding
- Isolate IoT devices from other network connections
The number of IoT devices in use is expected to reach an estimated 20 to 50 billion by 2020.
The US Computer Emergency Readiness Team (US-CERT) issued a similar warning about IoT devices last fall.
US-CERT warned organizations that many connected devices can be infected at one time, with unauthorized users accessing the information on those devices.
In a Security Tip advisory, US-CERT recommended that organizations take steps to secure their IoT devices, including evaluating security settings, ensuring software is up to date, taking precautions when connecting devices, and using strong passwords.
“This technology provides a level of convenience to our lives, but it requires that we share more information than ever,” US-CERT cautioned.
“Enabling certain features to increase convenience or functionality may leave you more vulnerable to being attacked. It is important to examine the settings, particularly security settings, and select options that meet your needs without putting you at increased risk,” the advisory added.
Factors fueling that growth include increasing connectivity of healthcare IoT devices with caregivers and new access points for hackers to exploit. Therefore, implementation of security solutions will become increasingly important for organizations.
Key players in the market are Inside Secure (France), IBM (US), Cisco Systems (US), Intel (US), Oracle (US), and Sophos (UK).
North America is the leading region in the IoT security implementation in the healthcare sector with revenue of $2.2 billion in 2015 because of increased usage of smart IoT devices for health management.
The Asia-Pacific region is expected to grow at a higher CAGR than other regions. Because of the health management of the increasing ageing population, IoT adoption will increase and therefore security will become crucial for organizations in this region.