The proliferation of more than 16 billion connected computing devices today has significantly expanded the attack surface of our interconnected world. Unauthorized, BYOD, vulnerable Internet of Things (IoT) devices, and a rapidly expanding market of low-cost, plug-and-play, cyber espionage devices represent an emerging threat vector and nefarious counterpart to the IoT: the Internet of Evil Things™ (IoET).
“There’s not a CIO out there who has an effective umbrella strategy for the Internet of Things today,” said Shawn Wiora, CIO and CISO at Creative Solutions in HealthCare. “The attack surface is gargantuan – and continues to grow exponentially. Making matters worse, current approaches don’t offer the robust, enterprise-level security that’s needed.”
Pwnie Express surveyed more than 600 security professionals for the quantitative portion of a new report on rogue device awareness and concerns. Top findings include:
- The vast majority (83 percent) of respondents are concerned rogue or unauthorized devices could be operating, undetected, in their network environments already;
- Compounding the problem, 69 percent of security professionals report they do not have full visibility of all the wireless devices within their network environment;
- Rogue Access Points, MiFi and mobile hotspots were identified as the most concerning, high-risk devices today.
Pwnie Labs, the research and development division at Pwnie Express, assessed and analyzed a sample of over 250,000 wireless devices detected by Pwn Pulse, Pwnie’s rogue device detection system, across a variety of customer environments and industry verticals. The analysis resulted in an industry-wide categorization of the most prevalent hardware device threats affecting today’s global IT infrastructure into three key areas:
Category One: Unauthorized & Unchecked: Classifies rogue hardware, such as shadow IT and high-risk BYOx devices. The most prevalent devices diagnosed by Pwnie Labs in this category include:
- HP printers deployed in a highly vulnerable default configuration state – default passwords, unencrypted WiFi, wide-open default configuration – in 83 percent of customer environments. These default-state printers can be undermined to expose confidential print jobs, compromise corporate client devices and be leveraged as a backdoor into private corporate networks;
- Complete lack of encryption, also known as an “open” network, was the most common risk affecting vulnerable Wireless Access Points, detected in 69 percent of networks;
- Xfinity WiFi dominated the WiFi landscape as the most common open or unencrypted network in 58% of environments.
Category Two: The Internet of Insecure Things: Represents the proliferation of vulnerable IoT devices, such as hackable thermostats, critically flawed cars and vulnerable medical devices.
Category Three: Weaponizing the IoT: Represents the commoditization of malicious hardware, from Evil Twins and APs to HAK5 WiFi Pineapple and Keygrabber WiFi devices.
“This report underscores the need for increased visibility and actionable intelligence on all devices across the enterprise to enhance an organization’s ability to quickly identify and thwart an attack,” said Paul Paget, CEO, Pwnie Express. “It’s our hope that infosec professionals are empowered to mobilize and begin assessing their security systems’ readiness to defend business-critical infrastructure against the IoET threat.”