[ad_1]
Hardware security threats and strategies to overcome them are evolving as businesses install more and more autonomous features for smart buildings and IoT projects.
The trend of organizations to automate manual tasks has led to a number of hardware security incidents.
Today, everything from surveillance cameras and HVAC systems to physical door lock controller platforms are connected to the network.
As a result, some companies are trying to minimize costs by purchasing and installing IoT and smart building hardware at the lowest price. However, the hardware of these devices is often compromised, threatening the overall security of the entire corporate network.
Common hardware security threats
IoT devices come with many risks, as they work independently. Identifying how long an attack on an IoT component has occurred is more difficult than making the same determination for servers, desktops / laptops or smart devices.
But that doesn’t mean there aren’t any hardware security threats to these devices as well. Common hardware security flaws include the following:
Implied word
This is primarily a problem for low-cost IoT devices and hardware that use default passwords, which are provided immediately. These passwords are then added regularly to corporate networks, regardless of the potential risk involved.
Local access not secure
In many cases, IoT and smart building hardware can be accessed locally via a managed or serial Ethernet interface.
If these connections are not blocked, both in terms of configuration and physically, a bad player could compromise a company’s infrastructure by modifying these devices while visiting the office, warehouse, or factory.
Outdated Device / BIOS / Firmware Unified Extensible Firmware Interface
Companies that build and sell intelligent HVAC systems, plant robotics and other IoT components connected over IP are not necessarily IT security experts.
Firmware is often full of errors and security holes. This vulnerability is compounded by poor patch management, as many IT departments do not regularly update the firmware on these devices when security patches are released.
Custom / purpose built chipsets
Custom chipsets continue to anchor much of the hardware in enterprise data centers or state-of-the-art desktops.
Because these purpose-built chips are tailored for niche purposes, manufacturers’ security reviews aren’t as intense as those for chips to be installed in much larger device groups.
Over time, hackers find vulnerabilities in these chips, making it difficult for the manufacturer to find a patch.
Lack of encryption
Encryption, whether at rest or on the go, is often lacking in operational technology devices that are rapidly connecting to IP. Unencrypted data can be collected over the network or from stolen devices that contain unencrypted data saved directly on them.
Hardware security strategy
Hardware security issues are different from software-centric security flaws.
First, hardware issues typically affect niche products that IT security personnel are unfamiliar with.
To protect your organization, take an inventory of the entire network to identify the various attached hardware devices.
Then check that the manufacturer has the proper documentation and a process to download and update security patches and firmware. Ideally, these patches should be applied automatically.
This is also a great time to reevaluate the devices connecting to your network and determine if you trust them or not.
In some cases, the hardware may be at the end of its life or at the end of support. In others, the hardware may come from a questionable manufacturer.
Either way, decisions need to be made about the level of risk the company is willing to take on existing hardware, including whether it is more prudent to purchase newer hardware that is more likely to be protected and repaired on a regular basis.
Finally, be sure to monitor your network devices. Tools such as network detection and response use AI to establish normal behavior and trigger an alert when that behavior exceeds a defined threshold.
Hardware that abruptly changes from “normal” is a telltale sign that a network compromise may have occurred.
[ad_2]
Source link
