Researchers from Vectra Threat Labs recently performed an in-depth analysis of vulnerabilities found in a common Belkin wireless repeater. Today in an article on Dark Reading, Vectra CTO Oliver Tavakoli digs into why seemingly innocuous vulnerabilities can become serious problems in the context of the Internet of Things (IoT). Read the full article here.
Of particular importance to security teams, IoT is not only bringing far more devices into the network, but they are also devices that very rarely get patches and updates. This means that vulnerabilities can be left unaddressed for months or even years. Likewise, these devices are unlikely to be protected by signatures and will almost assuredly be unable to run client-based security.
This is yet another reason that organizations should supplement their traditional approach to security with behavior-based models of threat detection. It’s fast becoming the best way to detect an active threat or attack regardless of the type of device that was first infected.
Stopping every unknown exploit against a wireless repeater, air conditioner, or any of the thousands of other devices on the market is an impossible task. But if any of those devices begin scanning the network, spreading the infection or establishing a hidden tunnel between your network and an attacker outside your network, that behavior and dozens of others like it should immediately sound alarms.
With behavior-based threat detection and device context, you can have unified security context for your entire network in a way that signatures and malware analysis never will. And you’ll regain more control to stop attacks in progress throughout increasingly diverse and growing networks.
Wade Williamson is a cybersecurity writer, product manager and marketer with experience in positions from director of product marketing to senior security analyst.