Keeping the IoT Secure with Shodan

IOT, IoT Attacks, IT Best Practices, Ophtek, ,
29
Jan 2020

The Internet of Things (IoT) is getting bigger and bigger. But this popularity is making it a target for hackers. Thankfully, Shodan is here to secure it.

It’s difficult to imagine life without the IoT; the sheer range of possibilities it opens up is astonishing. But it has also attracted a number of headlines due to its shortcomings in security. Naturally, the opportunity to strengthen security around IoT devices is one of great interest. And now there’s a website which promises to maximize your IoT security. Its name is Shodan and it could just revolutionize your device security.

Let’s take a look at what it is and how Shodan can keep the IoT secure.

What is Shodan?

Shodan is, in its simplest terms, a search engine for IoT devices. It’s similar to Google, but rather than searching for news on your favorite TV shows, you can use it find IoT devices. As long as a device is connected to the internet, Shodan should be able to find and identify it. And this applies to any IoT device be it a printer, security camera or refrigerator.

How Does Shodan Work?

The part of the internet that the IoT connects to is usually considered invisible, but all it takes is the right algorithm to analyze it. And this is what Shodan does. The overall mechanics of Shodan’s algorithm is complex, but here’s a breakdown of how it works:

  • Creates random IPv4 addresses which are used to identity network interfaces on a machine
  • Scans the internet for a real time list of connected IoT devices
  • Scans each device by checking a selection of available ports
  • Analyzes each port for a unique IPv4 address
  • Grabs a selection of metadata from the device which includes: usernames, passwords, geographical location and IP addresses

And all of this information can be displayed in the search results on Shodan.

Is Shodan a help or a Hindrance?

The amount of sensitive data that Shodan can expose is worrying. The last thing you want is for your usernames and passwords to be compromised. This could lead to grave consequences for your security. But is Shodan as scary as it sounds? Well, the truth is that it can actually enhance your IoT security.

Shodan is now a popular tool for security professionals to evaluate their IoT devices. And it’s most commonly used in the following ways:

  • Detecting Vulnerabilities: Shodan has a range of filters available that you can use to identify potential vulnerabilities in your IoT devices. This could include the use of default login credentials (these are the only login details that Shodan exposes) or which ports are currently open. By identifying these vulnerabilities with Shodan you can rectify them.
  • Track Exploits: Hackers are industrious characters and relish the challenge of identifying exploits. And the result is that IoT devices are constantly in their targets. Thankfully, Shodan is on hand to help. It does this by collecting together all known exploits for IoT devices and making them available. All a user has to do is use the Shodan search engine to search for specific terms and uncover any known exploits.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

A Quick Guide to the Internet of Things

Internet of things, IOT, Office IT, Office Network, Ophtek, user friendly, , , , ,
30
Apr 2019

You have may have heard the Internet of Things (IoT) mentioned several times in the media and by colleagues, but what exactly is it?

Thankfully, the good news is that the IoT is a relatively simple concept and, more importantly, it can make a huge difference to your organization’s IT operations. It’s likely that you’re rapidly becoming interested in the IoT the more you hear about it, so wouldn’t it be amazing if you had a quick guide to the ins and outs of the IoT? Well, you’re in luck as that’s exactly what we’ve put together for you.

What is the Internet of Things?

Any business, no matter the size of its operations, needs to use a wide variety of IT devices on a daily basis. Traditionally, the majority of these devices have been connected by cables and controlled directly by the end user or through an onsite IT team with access to the network. The IoT, however, brings a whole new level of accessibility with its revolutionary use of internet connections.

Put simply, the IoT allows users to connect devices to other devices and networks that can accept an internet connection. Sure, it may sound as though this is merely using wireless capabilities and nothing new, but the IoT is significantly different. Connecting to central servers through an internet connection means that your organization’s networks and smart devices can be remotely controlled from any location in the world.

What Can You Do with the Internet of Things?

The accessibility on offer from the IoT is clearly an interesting proposition, but what exactly can your organization use it for? To be honest, it’s a more a case of what you can’t use it for. Let’s take a look at some of the IoT most popular uses:

  • Remote Working: As long as your employees have an internet connection, they can connect to your organization’s networks and access email, databases and files just as easily as if they were sat in the office at their workstation. This is highly beneficial for employees who are working away on business, but it also opens up a whole new world of remote working which, with studies showing it’s highly beneficial for staff, could seriously increase productivity. 
  • Collecting and Sharing Data: The amount of data in use by businesses is getting bigger and bigger, but monitoring this is becoming more difficult with traditional IT setups. However, IoT devices are so varied and widespread that it’s now possible to collect data on almost any element of business you want. Tracking vehicle data, for example, through the use of IoT trackers can allow you to make use of your vehicles more efficiently. 
  • Enhance the Customer’s Experience: The lifeblood of any organization is the customer base and thanks to the IoT you can understand their needs better than ever before. IoT sensors installed in products such as, for example, refrigeration units can remotely monitory temperature fluctuations and, if necessary, send alerts when temperature thresholds are breached. 

The IoT Is Here to Stay.

With over 26 billion IoT devices due to be in use by the end of 2019, the IoT is clearly making a massive impact on the IT landscape. With a number of benefits that can make a significant difference to the way your organization works, it’s time to start embracing the power of the IoT.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Are Internet of Things Devices Safe to Use?

Internet of things, IOT, IoT Attacks, Ophtek, Security, , , ,
16
Apr 2019

The Internet of Things (IoT) has revolutionized the way we connect and interact with physical devices, but is this new technology as secure as it should be?

Clearly, with around 26 billion associated devices estimated to be in use during 2019, the IoT needs to be secure due to the amount of data being transmitted. However, as the IoT is a relatively recent phenomenon, it’s no surprise that so many headlines are warning against the dangers of this technology. Naturally, this kind of scenario can cause concern for organizations that are looking to get on board with the numerous IoT benefits on offer, but should you really be worried about the security risk?

What is the Internet of Things?

The basic premise of the IoT is a lot simpler than you would imagine: using internet connections, physical devices can communicate with one another while also being remotely controlled and maintained. So, for example, if you want to control the lighting in your office, you could use a remote application to adjust the lighting from, if necessary, from anywhere in the world. And all you need is an active internet connection for the app to connect to the device.

What are the Safety Risks of IoT Devices?

As we’ve mentioned, there are certain dangers attributed to IoT devices that can seriously threaten the security of your devices and any data transmitted by them. Some of the more pressing risks include:

  • Default Login Credentials: Many IoT devices are sent out with default login credentials, so this means that the username and password details will be exactly the same for every single one of those devices sold. And it doesn’t take long for hackers to begin sharing details of this vulnerability with their fellow hackers. Accordingly, changing default login credentials to a more unique configuration should be the first thing you do before connecting such a device to your networks.
  • Unnecessary Features: Sometimes, IoT devices are packed with a wide range of features that are completely unnecessary for your organization’s needs. The most common example of this is the option of remote access which, for many in-house IoT devices, simply isn’t necessary as all it does is open up a pathway to your network for hackers. Therefore, make sure that only the most relevant features are activated on your IoT devices.
  • Patching IoT Devices is Difficult: Due to the wide variety of manufacturers making IoT devices, many of these companies simply don’t have the technical knowledge to release regular and effective patches. And this represents a major security risk due to the constant efforts of hackers to exploit security vulnerabilities. In these instances, the best way to prevent a breach is to monitor these less secure devices for any unusual network activity. This approach should, at least, indicate if there is a potential security breach in progress. 

Final Thoughts

Although there are a number of very real security risks associated with integrating IoT devices into your organization’s IT network, these don’t have to convert into a major security breach. Instead, these risks can be significantly reduced by following the advice listed above which will protect your network and keep all your IoT devices interacting with it seamlessly.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Security Trends to Look Out For in 2019

Cyber Attack, Encryption, Hacking, Internet of things, Ransomware, Security, Security Threats, , , , , , ,
04
Dec 2018

2018 has been a year where malware, ransomware and data breaches have barely been out of the headlines, but what’s in store for cyber-security in 2019?

As long as there’s a digital landscape, hackers will continue to launch an array of attacks that take in numerous different techniques. And, most importantly, they will continue to evolve their methods to avoid detection and cause more damage to networks and the PCs on them. With this in mind, it’s perhaps the best time to take a look at the security trends which will be most important for your organizations defenses next year.

To help you get prepared for next year, we’re going take a look at some of the major security trends to look out for in 2019.

Backups will continue to be Crucial

With ransomware still remaining a prevalent and major threat to secure and essential data, backing up your data regularly and rigorously will be a vital task for all organizations. Backups may seem a costly affair in terms of budget and time, but it only takes one employee to fall victim to a ransomware scam for your entire network’s data to be compromised. And with new ransomware scams such as Zenis deleting backups, it’s essential that offsite and non-network backups are also held.

Coinminer Malware Remains a Threat

Cryptocurrency is still a lucrative business and mining for cryptocurrency continues to generate large amounts of cash. However, whilst this is perfectly legal and above board, the use of coinminer malware is far from legal or ethical. Due to the amount of processing power involved in mining for cryptocurrency, hackers are using malware to enslave PCs remotely and using their processor power to mine for cryptocurrencies. This form of malware has become harder to detect and more sophisticated throughout 2018, so expect it to evolve further in 2019.

The Hacking of IoT Devices will Increase

Close to 27 billion IoT devices will be connected in 2019 – an increase of nearly 3 billion compared to 2018 – so you can bet your bottom dollar that the number of attacks in this arena will increase accordingly. Unfortunately, many owners of IoT devices are still neglecting to change the default password to access these devices and this is giving hackers free rein to take control of them. Not only does the default password debacle remain an issue, but hackers are now designing malware to take advantage of vulnerabilities in IoT devices.

Security Training

Due to the threats already presented, security training will become paramount in 2019. As hackers evolve their methods of attack at a rapid pace, keeping your organization’s staff aware of these threats is one of the best forms of defense you can employ. Awareness training hammers home the basics of good security practices and you’ll find that these can also be used to combat the new threats which will no doubt go head to head with your security defenses.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4 5