As per Statista report IoT devices will increase to 30.9 billion by 2025. To monetize this golden opportunity IoT device manufacturers are competing to bring new and latest devices in the market. However, in this race to bring the best and to be the best, it is noticed that security considerations often take back seat.
As per Z-Scalar report over 91.5% IoT devices are unsecure. According to Kaspersky, the firm detected more than 1.5 billion IoT attackers in first half of 2021. The attackers were looking to steal data, mine cryptocurrency or build botnets. Most of the attempts used telnet, while the rest used SSH and web. This means unsecured IoT devices are creating security holes in otherwise secured IT networks and hackers are benefiting from this. Some of these IoT devices are directly connected to the enterprise IT network making the complete IT network vulnerable to hackers.
One of classic example is a popular casino heist where fish tank IoT sensor, connected to IT network, was hacked and the casino user’s data was compromised. There are numerous examples where legacy Internet linked Cameras has security flaws that remain up-patched for a long duration. The focus of IoT device manufactures is to speedily capture emerging trends, which means old products don’t always get required security considerations as they should. We must bear in mind that the age of IoT device can be more than 4-5 years in most cases and these devices must be periodically updated with latest security patches.
An unsecured IoT device means hacker can perform Man-in-the-Middle attacks, DDOS attacks, use the device to gain access to enterprise network, steal critical data and /or attack critical infrastructure like power grids, internet blackouts etc. The failures of IoT security are well documented. It is essential for enterprises to protect critical data. The data must be secured both at rest and in flight.
Multiple organisations are working to bring secured infrastructure to IoT deployments. Techniques like PKI, TLS, DTLS with strong digital certificates are used to establish mutual trust while authenticating IoT nodes and servers. Enterprises have started using these techniques to secure their large IoT deployments.
The complexity of IoT network require more robust solutions. Typical IoT network consists of multiple sensors, end-nodes, routers, switches constantly sending data back and forth. Security failure at even one of these components can potentially put the network at risk.
The security risk in IoT devices also comes from the lack of standards. A lot of manufacturers use their propriety protocols and security technique which may or may not be tested for scale of IoT deployments. Organizations like oneM2M are working to bring harmonized standards for IoT to ensure secure, effective and inter-operable operation for IoT at scale.
Typical IoT Vulnerabilities
- Weak, Guessable or Hardcoded Passwords: Use of easily brute forced, publicly available, or unchangeable credentials, including backdoors in firmware or client software that grants unauthorized access to deployed systems. Weak, default, and hardcoded passwords are the easiest way for attackers to compromise IoT devices and further launch large-scale botnets, and other malware.
- Insecure Network Services: Insecure network services running on the device itself, especially those exposed to the internet, that compromise the confidentiality, integrity/authenticity, or availability of information or allow unauthorized remote control. Adversaries are seeking to exploit weaknesses in the communication protocol and services running on IoT devices to compromise and breach sensitive or confidential information exchanged between the device and a server. Man-in-the-Middle (MITM) attacks aim to exploit these vulnerabilities to capture credentials used to authenticate these endpoints and further leverage these credentials to launch greater scale malicious attacks.
- Insecure Ecosystem Interfaces: Insecure web, backend API, cloud, or mobile interfaces in the ecosystem outside of the device that allows compromise of the device or its related components. Common issues include a lack of authentication/authorization, lacking or weak encryption, and a lack of input and output filtering.
- Lack of Secure Update Mechanism: Lack of ability to securely update the device. This includes lack of firmware validation on device, lack of secure delivery (un-encrypted in transit), lack of anti-rollback mechanisms, and lack of notifications of security changes due to updates. No or very low security updates for legacy devices.
- Use of Insecure or Outdated Components: Use of deprecated or insecure software components/libraries that could allow the device to be compromised. This includes insecure customization of operating system platforms, and the use of third-party software or hardware components from a compromised supply chain. Use of low-cost/legacy hardware that cannot be upgraded to latest security patches.
- Insufficient Privacy Protection: User’s personal information stored on the device or in the ecosystem that is used insecurely, improperly, or without permission.
- Insecure Data Transfer and Storage: Lack of encryption or access control of sensitive data anywhere within the ecosystem, including at rest, in transit, or during processing. Use of untested proprietary protocols cause easily preventable security mistakes in design.
- Lack of Device Management: Lack of security support on devices deployed in production, including asset management, update management, secure decommissioning, systems monitoring, and response capabilities.
- Insecure Default Settings: Devices or systems shipped with insecure default settings or lack the ability to make the system more secure by restricting operators from modifying configurations.
- Lack of Physical Hardening: Lack of physical hardening measures, allowing potential attackers to gain sensitive information that can help in a future remote attack or take local control of the device.
Tips for IoT device manufacturers
- You should consider security in the design right from day one. Store data on device memory after encryption (Data at rest) and encrypt data before sending it over to network (Data in flight).
- You should provide secured boot and secured firmware update mechanisms.
- You should use the latest security techniques like PKI, TLS, DTLS with strong certificates. Do not compromise on the quality of certificates.
- You should regularly push security updates for old and legacy devices so that these devices do not become weak point in enterprise IT network.
- You should make use of open global standards to ensure wider compliance.
- You should make use of Trusted Platform Modules (TPMs) and Trusted Execution Environments (TEE) for physical hardening of devices. TPM is essentially a chip installed on an IoT device near the CPU. It’s mainly used for cryptographic operations that create a security key, save it, store data, and other related operations. They can ensure the integrity of the disk encryption and password protection platform.
Tips to protect enterprise IoT
- Change the default credentials of device to something more secure.
- Keep the IoT devices firmware current.
- Isolate the IoT device network.
- Restrict Inbound & Outbound network traffic and block unnecessary ports.
- In high critical zone Data diodes can be used to ensure one-way traffic only.
Role of M2MLogger
M2MLogger has been involved in design and development of cutting edge IoT devices. These are highly secured devices with secured boot, secured firmware update, secured configurations, strong certificate-based TLS encryption for data in flight, device lock and wipe amongst other features.
If you are an IoT device manufacturer then we will be happy to review the security gaps and help you address them properly.