IoT is an abbreviation of "Internet of Things" and is translated as an Internet of things in Japanese.The so -called concept that uses things that assume connecting to the Internet is called IoT.
However, conventional personal computers, smartphones (hereinafter, smartphones), servers, etc. are not applicable to IoT devices.On the other hand, instead of directly connecting to the Internet, sensor devices that connect to the Internet via a router or the like are also an IoT device.In addition, the interpretation that the router itself is included in the IoT device is common.In addition, typical products called IoT devices include electronic tags, beacons, sensors, and network cameras.
IoT equipment is being used in various fields, including offices, agriculture, medical care, nursing care, and construction.The use of IoT devices is also attracting attention from the viewpoint of developing new services by connecting the Internet, improving and improving operations using beacons, sensors, cameras, and promoting work style reform.
Although the shape of the IoT device is different from a personal computer or smartphone, it has a computer even if it is small.In addition, it has the characteristic of being connected to the Internet, which can be a target of cyber attacks just by running.
Regarding PCs and servers used in offices, there is a growing security awareness of recent security awareness, and measures have been taken, including the introduction of security software.There are a certain number of pieces and IoT devices that are difficult to be recognized as a computer as described above, and some have not even taken basic measures.User IDs and passwords required for access to equipment are often left in the initial state.
Against this background, there are cases where known vulnerabilities have been left unattended.There are a number of cases where equipment continued to be left alone despite being infected with malware, and was unknown to attack others.In particular, vulnerabilities are increasing in built -in TCP/IP stacks that have been widely used in recent years, and it is said that there are hundreds of millions of IoT equipment to be targeted.
利便性の裏で見失われがちなIoTデバイスのセキュリティ
With the increase in IoT equipment, cyber attacks aiming at IoT equipment are a major risk.A typical example of cyber attacks for IoT devices includes DDOS attacks by MIRAI discovered in 2016.On September 20, 2016, KREBS ON SECURITY received a large DDOS attack exceeding 620 Gbps.The DDOS attack was performed in a botnet built by an IoT device infected with MIRAI.
In addition, on October 21, 2016, DYN (Dyne), which provides DNS services, received large -scale DDOS attacks, and web services such as Twitter, Netflix, PayPal, and PSN (PlayStation Network), which are the customers of the company, are temporarily.I was affected by stopping.With the release of MIRAI source code at the end of September 2016, the MIRAI varieties have been born, and the risks are still remaining.
オフィスにおけるIoT機器を活用する際に知っておくべきリスクCyber attacks aimed at IoT equipment are also aimed at other equipment used in offices and homes.In pursuit of efficiency, there is a movement to aim for a smart factory, which is a next -generation factory.In the past, factories have used industrial robots and automatic assembly machines in the flow of FA (factory automation).However, these devices were designed to be completed and operated in the factory, and there was no need to connect to the outside on the Internet.Of course, although there are coordination between equipment, it was almost limited to M2M (MACHINE TO MACHINE), which consists of a network in the factory.
However, the use of IoT devices connected to the Internet is indispensable for realizing smart factory.The problem here is the on -site operation policy.Even if the factory facilities are updated, the operation is still old, dragging the rules at the time of completion in the factory.As a result, there may not be sufficient security measures that are essential for IoT equipment, such as regular updates to the latest firmware.
The trend of the opening of the control system also promotes the risk of cyber attacks.The existence of a factory is the core of the business for the manufacturing industry, so it has a great deal of damage when attacked, and can be said to be a good target for attackers.In fact, in 2005, 13 US automotive factories were infected with worms, and for nearly an hour offline, it could not be operated by $ 14 million.In addition, cyber attacks aimed at important infrastructure such as power plants and water purification plants as well as factories.Naturally, if a problem occurs, it can cause major damage.
Using IoT devices without being taken measures against cyber attacks is changing not only in a compliance perspective but also for preventing corporate brand damage.The following five points are important to protect IoT devices from cyber attacks.
User IDs and passwords of devices such as routers are often given defaults such as "USER" or "Admin" in the default (set at the time of shipment).The initially set password is easy to guess, so be sure to change it.In that case, I want you to set a user ID and password with as high as possible (hard to break).Attackers have frequently used user IDs and passwords as a list, and try to make unauthorized access by launching a Blue Force attack based on the list.
初期設定パスワードのままのインターネット接続デバイスを利用することを禁ずる法律がカリフォルニア州で制定In IoT equipment, there are many cases where firmware has vulnerabilities.In recent years, vendors have emphasized dealing with vulnerabilities, and as soon as the vulnerability is discovered, patches have been distributed as soon as they are discovered.I want to apply the fix patches that the vendors have started.
ファームウェアに潜むバグが、多くの一般家庭用ルーターを攻撃のリスクにさらしているIn some cases, malware invaded from old IoT devices that were no longer used, and gradually expanded infections.For such old IoT devices, if possible, remove the LAN cable and physically separate the network.If you cannot physically separate it, the safety will increase by removing the power cord or battery and not connecting to the network.
You can search for your own IoT equipment by using device search engines such as Shodan and Censys.The search results screen also displays the open port information and other security vulnerabilities, so it is a good idea to investigate security measures.
SHODANって知っている?悪用されることでどのような危険があるのか?Survey the damage level by implementing an attack such as invading and falsification in the same way as the attacker according to the actual assumed attack scenario, which diagnoses system vulnerabilities using tools.The use of the penetration test is also effective.By reconsidering measures based on these results, you will be able to reduce the risk of important bases such as offices and factories causing cyber attack damage.
システム侵入の実現性を検証するペネトレーションテストとは?【前編】In order to protect companies from cyber attacks aiming at IoT equipment, it is important to first understand the characteristics of IoT equipment.I hope that not only the administrator, but also the user who actually use these devices, it should be thoroughly used to use it in a vulnerable state of cyber attacks.