Matrix botnet 101: A wake-up call for IoT device security
A new botnet called Matrix has been running distributed denial of service (DDoS) attacks on Internet of Things (IoT) devices such as IP cameras, routers, and digital video recorders across the globe. The cybercriminal behind it exploited weaknesses such as weak passwords and known software issues to stage this worldwide attack.
The lack of sophistication of the campaign is sounding alarm bells. The hacker acted alone, using off-the-shelf solutions. In the words of cybersecurity researchers at Aqua Security: “The simplicity of these methods highlights the importance of addressing fundamental security practices, such as changing default credentials, securing administrative protocols, and applying timely firmware updates, to protect against broad, opportunistic attacks like this one.”
Manual maintenance just doesn’t cut it
The reality is that while everyone agrees in theory about the importance of these security measures, they can be challenging to implement in practice. It can be overwhelming to track every device in sprawling, diverse, and growing physical security fleets. Many companies simply don’t have the resources. There is also tremendous potential for error when these processes are done manually.
As Michael Dunn, Strategic Innovation and Business Development at Wachter Inc., explains: “Manually updating systems is a terrible, tedious act that you would have to do… To physically go through and update each one individually is almost impossible. The cost is just prohibitive.”
Why IoT device management systems are critical
Organizations are turning to IoT device management systems to ensure these processes are done correctly and on time. The value of these systems lies in four major areas:
1. Automation of time-consuming tasks
The ability to automatically update passwords and firmware at scale as needed is the first line of defense against malware attacks. Eliminating human error goes a long way toward protecting your devices.
2. Visibility across your ecosystem
Centralized management of physical security devices provides real-time insight into suspicious activity. The system can flag aberrations and immediately send alerts to the right person. One holistic view of the entire infrastructure for all sites, manufacturers, and models is key for identifying potential problems. “…There is a great advantage to monitoring all of your IoT devices and being able to ensure that instantly, on one page, you can go and see all of your devices and the status of those devices, and then be able to update passwords, firmware and then deliver information from reporting capabilities out to your clients, executives, and even to your team on things that are happening within the system,” said Garett Jaco, VP, Global Security, Compass Datacenters.
3. Coordination and collaboration with IT and Cyber teams
In today’s connected world, cybersecurity and physical security can’t afford to function independently. A management system that integrates with IT ticketing tools like ServiceNow leads to quicker response time and faster resolution.
4. Fast and remote remediation
If there is an issue, there’s no time to waste. You need to identify the root cause and fix it immediately. The time lag involved in truck rolls can have disastrous consequences. It’s essential to be able to resolve potential problems remotely.