With the rapid development and gradual application of emerging technologies such as 5G, artificial intelligence, and blockchain, as well as the rapid implementation of new applications such as smart cities, smart homes, industrial Internet, and Internet of Vehicles, the Internet of Things and mobile Internet are further integrated and are entering A new stage of “cross-border integration, integrated innovation, and large-scale development”. According to research by Business Insider Intelligence, there will be more than 41 billion IoT devices by 2027, five times the number last year (8 billion). These IoT devices connected to the network can be the weakest link in a network that is very vulnerable to hackers.

Global cybersecurity leader Palo Alto Networks recently commissioned Vanson Bourne Technology Research to conduct a new survey on IoT security practices for securing the Internet of Things, including China, across Asia, Europe, the Middle East and North America 1350 enterprise IT decision makers in 14 countries. And a few days ago, an online media exchange event was held to interpret the survey results in depth.

The overall security posture of IoT devices is declining

Palo Alto Networks Releases IoT Security Report: Nearly Half of Chinese Enterprises Have Not Turned On IoT Security Protection

Adrian Chan, President of Palo Alto Networks Greater China

Mr. Chen Wenjun, President of Palo Alto Networks Greater China, introduced that Unit 42, Palo Alto’s cyber threat intelligence team, released the “2020 Unit 42 IoT Threat Report” in March this year. It found that the overall security posture of IoT devices is declining, and businesses are vulnerable to new types of IoT-targeting malware as well as older technologies long forgotten by IT teams. Things like “How Fraudsters Hack IoT Cameras to Play Fake Videos to Cover Their Criminal Behavior,” “Hacking Groups Exploit IoT Device Vulnerabilities to Attack Corporate Networks,” and “Unpatched Flaws in IoT Smart Locks Put Homes at Risk “The reports are not uncommon. The main threats to IoT devices mentioned in the report include: exploiting device vulnerabilities as high as 41%, followed by malware at 33%, and exploiting user habits, such as cryptojacking, phishing, and user passwords, reaching 26%. %.

Palo Alto Networks Releases IoT Security Report: Nearly Half of Chinese Enterprises Have Not Turned On IoT Security Protection

Unit 42 IoT Threat Report: Top Threats to IoT Devices

Since the beginning of this year, with the outbreak of the new crown epidemic, telecommuting is becoming a new trend. The devices that employees inadvertently bring into the corporate network are often not considered security issues, and may become a convenient channel to access important company information and systems. To address new threats, security teams need to discover these new devices in a timely manner, assess risks, determine normal behavior, and quickly apply security policies.

Connected sports equipment, tabletop toys and medical wearables are emerging as new challenges for security teams

Sean Duca, Vice President and Chief Security Officer, Asia Pacific and Japan, Palo Alto Networks

Sean Duca, vice president of Palo Alto Networks and chief security officer for Asia Pacific and Japan, released the survey report, saying that more and more types of IoT devices are connected to the network, including some connected toys, small household appliances, medical wearables equipment, even to electric vehicles, etc. These devices have permeated our daily lives. On the one hand, they will be quickly connected to the Internet. On the other hand, they do not have many security management mechanisms when they leave the factory, so they can easily become the weakest link in the outbreak of security vulnerabilities on the network. Unit 42 noted in its March report that 57 percent of IoT devices are vulnerable to moderate-to-high attacks, making them a prime target for attackers.

Most of the respondents in this survey also said that they have certain visibility into the Internet of Things connected to the enterprise network, but there is no good way or measure to solve it.

Network segmentation is the most critical IoT security precaution

In terms of security measures, the first and most critical measure is network segmentation, which directly determines which devices can directly connect to which networks, and which devices cannot access related network segments on the network. Network segmentation is the most basic security management measure for access rights and obtained security levels after the entire IoT device is connected to the network. Sean Duca said, “When it comes to IoT devices, we need to take a zero-trust approach, which should be at the heart of every company’s IoT strategy. That means defining the purpose of every connected device and thing, and setting boundaries, It can only connect to the part of the network that contributes to that purpose.” In this regard, 24% of respondents said that the IoT devices in their enterprise do not yet have the relevant network segmentation.

In Japan and Asia Pacific, nearly one-third of respondents said they have not started any IoT security planning, or related processes, or have not carried out the necessary network segmentation.

Nearly half (42%) of Chinese companies with more than 1,000 employees said they have either not started their IoT security journey or have not yet divided a separate network for IoT devices – a measure of building security , the basis of intelligent network. In fact, only 26% of respondents currently say they follow best practices for using micro-segmentation to keep IoT devices tightly within secure areas.

Sean concluded, “Employees inadvertently connect devices to corporate networks without realizing that these devices are often designed without built-in security features, potentially creating opportunities for cybercriminals to break into systems. Organizations need to be aware that IoT security Strategy is just as important as other development initiatives because the risks are often the same, if not more expensive.”

The Links:   F-51154NF-FW-AA LQ150X1DG12