Abuse of Cloud Services and IoT

March 15, 2018 | Views: 2779


We’re pleased to be partnering with Cisco for this blog. Scroll down to download the Cisco 2018 Annual Cybersecurity Report.

Ask any cybersecurity professional and most will agree that a large percentage of modern technology was developed without a ‘security first’ mindset. That is, companies work to ship a product and then try to retrofit security controls once that product is already in the hands of consumers.

Adversaries have become adept at exploiting the vulnerabilities left unpatched in these products, and IoT devices and cloud services are no exception. In their Annual Cybersecurity Report (ACR), Cisco threat researchers share significant findings about attacker behavior over the past 12 to 18 months, delving into the specific attack vectors leveraged during this time.

When it comes to IoT devices, there is a particular layer of complexity added to the evolving security landscape. The risk posed by the devices, coupled with a lack of organizational policies surrounding BYOD, leaves many companies with more questions than answers about which devices fall under their jurisdiction.

“Organizations keep adding IoT devices to their IT environments with little or no thought about security, or worse, take no time to assess how many IoT devices are touching their networks. In these ways, they’re making it easy for adversaries to take command of the IoT,” the report states.

Undefended Gaps in Security

Research conducted by Cisco partner Radware indicates that only 13 percent of organizations believe that IoT botnets will be a major threat to their business in 2018. Often, organizations are unmotivated to speed remediation, prioritizing other threats over that of the IoT.

Unfortunately, however, IoT botnets are on the rise as organizations continue to disregard their danger. Easier to control than a PC, IoT devices serve as targets of executable and linkable format (ELF) binaries since most devices are Linux- and Unix-based.

With an increase in IoT botnets comes an increase in the number of application-layer attacks overall. This means professionals will continue to have difficulty defending both IoT and cloud service environments, as is evident in the struggles practitioners already face in identifying legitimate network traffic.

The ‘noise’ security practitioners are tasked with sifting through, in conjunction with the fact that many companies are unaware of which devices are connecting to their network or which services employees are accessing, has led to internal chaos that adversaries easily exploit.

When cloud services such as Google Docs and Dropbox (Figure 18) are leveraged for command and control (C2), the resulting traffic is even more difficult to identify as fraudulent and can easily penetrate established defenses.

As noted in the ACR, “These types of services face a dilemma in combatting abuse, as making it more difficult for users to set up accounts and use their services can adversely affect their ability to generate revenue.”

Defending the Changing Security Landscape

Internally, organizations struggle with whether or not it makes sense to block usage of legitimate Internet services. This reinforces the need for a refined security policy and more stringent rules surrounding BYOD.

Cisco researchers advise using intelligent, first-line-of-defense cloud security tools, which can prevent users from connecting to malicious sites while on an enterprise network.

“Organizations can then determine whether the devices are scannable and still supported by vendors, and which employees in the company own and use them. Organizations can also improve IoT security by treating all IoT devices like other computing devices—helping to ensure they receive firmware updates and are patched regularly,” the ACR advises.

The Cisco 2018 Annual Cybersecurity Report is designed to help organizations and users defend against attacks. This report looks at the techniques and strategies that adversaries use to break through those defenses and evade detection.

The report also highlights major findings from the Cisco 2018 Security Capabilities Benchmark Study, which examines the security posture of enterprises and their perceptions of their preparedness to defend against attacks.

To read the complete Cisco 2018 Annual Cybersecurity Report, click here to download. Additionally, you can earn a badge and a Certificate of Completion when you pass the ACR 2018 Assessment, available here. Simply apply code ACR2018 to take the assessment free. 


  1. Nicely done…Thank you for sharing!!

  2. I remember a time in Computer Science where having a Fridge connect to the Internet was typically used as the punchline to a joke.

    Fast forward a couple of decades… and it is no longer funny anymore.

    Most of these devices on the Internet of Things have about as much need to be part of that as they’d need to have an Internal Combustion Engine and four wheel drive. I mean… yes… it would be cool to have a television that can post on twitter while going around doing Dune Buggy stuff… but there really is not additional functionality these systems truly gain from it.

    At least with the Microsoft Internet Fridge from the 90s–it was to have you not have to worry about doing up a shopping list… so much as going through and correcting the errors in the shopping list your Internet Fridge gave you. I mean, we cannot even have a self-checkout station that does not complain that it does not have the expected weight in the baggage area–even though it does have the expected weight.

    I mean–sure yeah… the big reason is to avoid having people pirate stuff… but when your easily subverted anti-piracy measures turn into an environment that actually makes using the Internet worse… #facepalm

  3. Thanks for sharing great information.

  4. Nice, great discovery

  5. good read, well written.
