The Internet of Things (IoT) is no longer just big, it’s gargantuan. It’s sprouting new arms and legs every day, and that enormous quantity of IoT devices is creating some worrying risks for businesses. With so many devices proliferating across the world, any vulnerability’s impacts have the potential to be far greater – far more widespread – than would have been the case even just a few years ago.
Such is the scenario with Ripple20. Lurking in the Treck TCP/IP stack, Ripple20 isn’t just a single vulnerability but 19 different vulnerabilities plaguing a broad slew of IoT devices. Ranging from printers to industrial control machinery to medical equipment, affected devices are found in so many different sectors that it’s useless to try to list them all. Suffice to say Ripple20 has worked its way into every corner of the globe, nearly every industry, and an exhaustive list of functions.
While Ripple20 is receiving a lot of attention due to its stunning scope of impact, the lessons it could (and should) impart are only minimally related to its size. Instead, the takeaways are rooted in many of the same long-standing IoT security issues enterprises have been grappling with for years. For those enterprises that still have not addressed core IoT risks or plugged known gaps, Ripple20 is just the first in what could be a string of disruptive and damaging exploits.
One reason Ripple20 and similar vulnerabilities are so successful is the lack of onboard security capabilities that make IoT devices needier than most endpoints. Rather than rely on built-in security features to provide at least a modicum of protection, businesses must add whatever tools the device’s meager memory and OS functionality will support. Making IoT devices network-ready requires more work and time, meaning IT groups sometimes opt for speed over security. Devices are launched as-is, often leaving the network and other connected assets at risk.
Another challenge highlighted by Ripple20 is the number of IoT devices that permeate organizations everywhere and in every sector. Manufacturing, utilities, healthcare—some industries lean on IoT devices more than others but almost all use them to some degree. Further complicating the problem is the expanding use of IoT devices. Rarely are there just a few in use. Instead, companies frequently deploy them by the hundreds or thousands, and they continue to add new devices as their operations and the devices’ technology capabilities grow.
In a nutshell, there are lots of devices in use that lack the proper safeguards. It’s a recipe for trouble and your operations are almost guaranteed to suffer some kind of disruption if you continue to put unsecured devices on your network.
What IT needs is a way to make IoT management sustainable. Even when the team tries to be diligent about applying security tools and protocols to IoT devices during the onboarding process, there are just too many to keep up. What begins as an earnest effort to maintain a secure environment morphs into a sprint to spin up new IoT hardware as quickly as possible. IT needs to move much of the manual work off their plates, enabling faster deployments while applying the security protocols necessary to keep the network safe.
Avoiding the consequences of another Ripple20 – and the long history of vulnerabilities tells us there will be another one – calls for a new approach to maintaining security in the IoT space. A handful of solutions are already enabling a new kind of strategy, such as Ordr’s highly effective platform that allows enterprises to automatically identify and classify devices coming onto the network. Using AI behind the scenes for serious horsepower, Ordr takes on most of the heavy lifting, unlike traditional NAC solutions that require extensive manual device profiling. IT can quickly add new devices without sacrificing security. The platform also discovers new devices attempting to connect, so any departments that may try adding their own hardware without involving IT won’t find an easy route around the organization’s security standards.
This next-level approach provides a consistent and sustainable method for IoT management without adding time or staff. Ordr’s solution solves the fundamental problems that make Ripple20 and its ilk so damaging. The platform also provides organizations with the kind of visibility into device communication use and utilization that enable them to streamline their operations, find opportunities to increase efficiency, and maintain awareness of how network resources are being consumed.
We’ll cover the challenges posed by Ripple20 and similar IoT-focused threats in our upcoming AlwaysOn webinar scheduled for August 13th with Ordr’s own CISO Jeff Horne. Be sure to join us for an engaging discussion on how your organization can prevent impacts to your operations and keep your IoT security strategy moving forward.
Get in touch