What is it?

MQTT (which originally was an acronym for Message Queue Telemetry Transport, but since 2013 doesn’t actually stand for anything, according to Wikipedia) is a protocol used for remote sensing and control (the Internet of Things, IoT), particularly for industrial applications. MQTT operates unencrypted on port 1883 or encrypted on port 8883.

Why is it a risk?

When operating on the unencrypted port 1883, MQTT traffic crosses the network in the clear and offers attackers numerous points of access.

How can you mitigate the risk?

If you do not actually need to monitor or control devices remotely using the Internet, then disable port 1883 entirely using firewall rules.

If you do need to use MQTT on the Internet, then change its configuration to encrypt the Internet traffic on port 8883. The ByteBeam article, A Beginner’s Guide to Secure MQTT in IoT, linked below provides detailed considerations and instructions.
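As an added example (not from this article or from ByteBeam), the Python script below checks a broker configuration for the two settings the article discusses: a plaintext listener on port 1883 reachable from the network, and an encrypted listener on port 8883. It assumes the Eclipse Mosquitto configuration format ("listener <port> [bind_address]" followed by per-listener options); the certificate paths in the sample configuration are placeholders.

```python
# Added example: lint a Mosquitto-style broker config for plaintext MQTT
# exposure. Assumption: Eclipse Mosquitto's mosquitto.conf format, where
# options following a "listener" line apply to that listener.
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

def parse_listeners(conf: str) -> list[dict]:
    """Return one dict of options per 'listener' block, in file order."""
    listeners, current = [], None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        key, _, value = line.partition(" ")
        if key == "listener":
            port, _, bind = value.strip().partition(" ")
            current = {"port": int(port), "bind": bind.strip() or "0.0.0.0"}
            listeners.append(current)
        elif current is not None:             # option belongs to current listener
            current[key] = value.strip()
    return listeners

def audit(conf: str) -> list[str]:
    """One finding per risky listener; an empty list means the config passes."""
    findings = []
    for lst in parse_listeners(conf):
        port, bind = lst["port"], lst["bind"]
        exposed = bind not in LOOPBACK                   # bound beyond loopback
        has_tls = "certfile" in lst and "keyfile" in lst  # TLS configured
        if exposed and not has_tls:
            findings.append(f"listener {port} on {bind}: plaintext MQTT reachable from the network")
        if exposed and lst.get("allow_anonymous") == "true":
            findings.append(f"listener {port} on {bind}: anonymous clients accepted")
    return findings

# Constructed sample: broker as commonly shipped, plaintext on every interface.
WEAK_CONF = "listener 1883\nallow_anonymous true\n"

# Constructed sample: plaintext only on loopback, TLS with client certificates on 8883.
HARDENED_CONF = """
per_listener_settings true
listener 1883 127.0.0.1
allow_anonymous false
listener 8883
cafile /etc/mosquitto/certs/ca.crt
certfile /etc/mosquitto/certs/broker.crt
keyfile /etc/mosquitto/certs/broker.key
tls_version tlsv1.2
require_certificate true
allow_anonymous false
"""
```

Run `audit()` against your own mosquitto.conf before exposing a broker; the weak sample yields two findings and the hardened sample none.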

Resources:

ByteBeam: A Beginner’s Guide to Secure MQTT in IoT
https://bytebeam.io/blog/beginners-guide-to-mqtt-security/
