Cyber criminals and other adversaries may use specialized search engines (such as Shodan) to find vulnerable, publicly accessible systems, including servers, switches, printers, and Internet of Things (IoT) devices, and either exploit those devices or use them to gather information about an organization.
Assigning a private IP address can reduce the exposure of a device, but it does not prevent attacks entirely. The best way to protect systems from exploits and prying eyes is a “defense-in-depth” approach, which entails creating layers of defense so that if one layer fails or is inadequate, others will still offer protection.
Our risk advisory, Risk Mitigations for Devices on UW Networks, outlines best practices for managing security risks for devices on UW networks.