Being a security professional certainly was easier back in the day before all these newfangled devices had Internet connections. I’m not sure how we became the “get off my lawn!” guys, but here we are. You probably scan for PCs. Maybe you even have a program to find and monitor mobile devices on your networks (though probably not). But what about printers, physical security devices like cameras, control systems, healthcare devices, and the two dozen or so other types of devices on your networks?
There will be billions of devices connected to the Internet over the next few years. They all present attack surface on your technology infrastructure. And you cannot fully know what is exploitable in your environment, because you don’t know about these devices living in the ‘shadows’.
Visible devices are only some of the network-connected devices in your environment. There are hundreds, quite possibly thousands, of other devices you don’t know about on your network. You don’t scan them periodically, and you have no idea of their security posture. Each one can be attacked, and might provide an adversary with an opportunity to gain a presence in your environment. Your attack surface is much larger than you thought. In our Shining a Light on Shadow Devices paper, we discuss attacks on these devices that can become an issue on your network, along with some tactics to gain visibility into, and then control over, all these network-connected devices.
These devices are infrequently discussed and rarely factored into discovery and protection programs. It’s another Don’t Ask, Don’t Tell approach, which never seems to work out well.
We would like to thank ForeScout Technologies for licensing the content in this paper. Our unique Totally Transparent Research model enables us to think objectively about future attack vectors and speculate a bit on the impact to your organization, without paywalls or other such gates restricting access to research you may need.
Download Shining a Light on Shadow Devices (PDF).