A handful of IoT-related attacks receive most of the attention in the popular press. There is, of course, the Mirai botnet, whose 2016 DDoS against the DNS provider Dyn knocked a chunk of the internet offline. There is BrickerBot, which renders insecure IoT devices unusable. On the industrial side, Stuxnet is famous for causing physical damage to nuclear centrifuges in Iran. And then there is BlackEnergy, the malware used in the December 2015 attack that cut power to part of Ukraine’s grid.
Pure software attacks:
This category includes malware such as viruses, trojans and worms. Fuzzing also belongs here: feeding malformed or random data to software and watching how it reacts. Strictly speaking it is a vulnerability-discovery technique rather than an attack, but an attacker who fuzzes a device’s network parser and finds a crash has found the entry point for one. Distributed Denial of Service (DDoS) attacks can be software-based as well, although they can also be mounted at lower layers of the OSI model. One IoT-specific DDoS risk is that safety-critical information is lost: a sensor network flooded with traffic may never deliver the warning that a gas line has ruptured.
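As an added illustration of what “throwing random data at software” looks like in practice (this is example code written for this page, not code from the article or from any real product), here is a minimal mutation fuzzer run against a constructed toy sensor-frame parser. The frame format, the parser and the seed frame are assumptions made up for the demonstration. The unsafe parser trusts its length byte, which is exactly the kind of defect fuzzing tends to expose; a hardened version sits beside it so you can see the fuzzer report nothing once the check is in place.

```python
import random

def xor_checksum(data: bytes) -> int:
    """XOR of all payload bytes; the toy frame's integrity field."""
    result = 0
    for b in data:
        result ^= b
    return result

def parse_report_unsafe(frame: bytes) -> dict:
    """Constructed toy frame: [type][len][payload ...][xor checksum].
    Deliberately trusts the length byte: if it exceeds the real payload,
    the checksum lookup runs off the end of the frame."""
    if len(frame) < 3:
        raise ValueError("frame too short")
    kind, length = frame[0], frame[1]
    payload = frame[2:2 + length]
    checksum = frame[2 + length]          # IndexError when `length` lies
    if checksum != xor_checksum(payload):
        raise ValueError("bad checksum")
    return {"type": kind, "payload": payload}

def parse_report_safe(frame: bytes) -> dict:
    """Hardened parser: the length field is checked against the frame size
    before any index derived from it is used."""
    if len(frame) < 3:
        raise ValueError("frame too short")
    kind, length = frame[0], frame[1]
    if len(frame) != 3 + length:
        raise ValueError("length field does not match frame size")
    payload = frame[2:2 + length]
    if frame[2 + length] != xor_checksum(payload):
        raise ValueError("bad checksum")
    return {"type": kind, "payload": payload}

def mutate(frame: bytes, rng: random.Random) -> bytes:
    """One random mutation: bit flip, byte overwrite, truncation or append."""
    b = bytearray(frame)
    strategy = rng.randrange(4)
    if strategy == 0 and b:
        i = rng.randrange(len(b))
        b[i] ^= 1 << rng.randrange(8)
    elif strategy == 1 and b:
        b[rng.randrange(len(b))] = rng.randrange(256)
    elif strategy == 2 and len(b) > 1:
        del b[rng.randrange(1, len(b)):]
    else:
        b.extend(rng.randrange(256) for _ in range(rng.randrange(1, 4)))
    return bytes(b)

def fuzz(parser, seed_frame: bytes, iterations: int = 2000, seed: int = 1) -> dict:
    """Mutate the seed frame repeatedly and feed each result to `parser`.
    ValueError is the parser's documented way of rejecting bad input and is
    ignored; any other exception is a crash, recorded once per exception
    type together with the input that triggered it."""
    rng = random.Random(seed)
    crashes = {}
    for _ in range(iterations):
        candidate = mutate(seed_frame, rng)
        try:
            parser(candidate)
        except ValueError:
            pass
        except Exception as exc:
            crashes.setdefault(type(exc).__name__, candidate)
    return crashes

# Constructed seed: one well-formed frame the fuzzer starts from.
PAYLOAD = bytes([0x10, 0x20, 0x30, 0x40])
SEED_FRAME = bytes([0x01, len(PAYLOAD)]) + PAYLOAD + bytes([xor_checksum(PAYLOAD)])

if __name__ == "__main__":
    print("unsafe parser:", fuzz(parse_report_unsafe, SEED_FRAME))
    print("safe parser:  ", fuzz(parse_report_safe, SEED_FRAME))
```

The fuzzer treats the parser’s own `ValueError` as a handled rejection and everything else as a crash; on a real device the equivalent signal is a watchdog reset, a stack trace on the debug UART, or a hung service. Truncating the frame or overwriting the length byte is enough to push the unsafe parser past the end of its buffer, which in C firmware would be an out-of-bounds read rather than a tidy Python exception.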
Network attacks:
One of the biggest vulnerabilities of IoT devices is their wireless connectivity, which makes them remotely reachable and therefore remotely exploitable. A variety of attacks are possible against the devices, or “nodes,” connected to the network.
In an enterprise Internet of Things deployment, those nodes typically communicate with a gateway that forms the core of the implementation; the gateway is what connects the IoT devices to the cloud.
Let’s assume an industrial IoT application with interconnected gateways linked to each other in a mesh network. If an attacker floods a gateway with denial-of-service requests until it can no longer serve its nodes, and nothing is in place to fail over, the whole deployment goes down with it. A single attacker can thus stop the IT and OT elements of a system from interacting, as we discussed in the article “IoT gateway architecture: Clustering ensures reliability.”
Attacks with a physical component:
IoT attacks at the physical layer of the OSI Model require unauthorized access to physical sensing, actuation and control systems. Consider how electronic car theft works as an example. Since cars are essentially computers on wheels, hackers have a variety of options at their disposal. They can capture and clone the radio signals from a key fob to open a locked vehicle. A hacker with physical access to a vehicle’s Controller Area Network (CAN) bus, typically through the OBD-II diagnostic port underneath the steering wheel, can cause all sorts of mischief: They can disable the immobilizer that stops a thief from driving away and program a new key for the vehicle. Because classic CAN carries no sender authentication, any node on the bus can inject frames, so access to it also lets them spoof the speedometer, door locks and other components.
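Because CAN has no authentication, the bus itself cannot tell a spoofed frame from a real one; what it can show is timing. Most ECU messages are periodic, and an attacker who wants the cluster to display a fake speed has to out-shout the legitimate sender, which produces a burst inside the normal cadence. The following detection logic, added here as an example and not taken from the article, learns each arbitration ID’s period from a constructed candump-style log and flags frames that arrive far too early. The log lines, the IDs `1A0` and `2B0`, the thresholds and the function names are all assumptions made for the demonstration.

```python
import re
from collections import defaultdict

# candump-style log line: "(timestamp) interface ID#DATA"
LINE_RE = re.compile(r"^\((\d+\.\d+)\)\s+(\S+)\s+([0-9A-Fa-f]+)#([0-9A-Fa-f]*)$")

def parse_candump(lines):
    """Return (timestamp, can_id, data_hex) tuples; unparseable lines are skipped."""
    frames = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            frames.append((float(m.group(1)), m.group(3).upper(), m.group(4).upper()))
    return frames

def find_injected_frames(frames, baseline_count=5, ratio=0.5):
    """Flag frames that arrive much sooner than the learned period for their ID.
    The baseline is the median of the first `baseline_count` inter-arrival gaps
    per ID; any later frame whose gap from the last *legitimate* frame is below
    `ratio` x baseline is reported. IDs with too little history are never flagged."""
    last_seen = {}
    gaps = defaultdict(list)
    flagged = []
    for ts, can_id, data in frames:
        if can_id in last_seen:
            gap = ts - last_seen[can_id]
            history = gaps[can_id]
            if len(history) >= baseline_count:
                baseline = sorted(history)[len(history) // 2]
                if gap < ratio * baseline:
                    flagged.append((ts, can_id, data))
                    continue   # keep last_seen pointing at the last legitimate frame
            else:
                history.append(gap)
        last_seen[can_id] = ts
    return flagged

# Constructed sample: ID 1A0 every 10 ms, with two injected FFFF frames at
# 61 ms and 62 ms; ID 2B0 is a slow message with too little history to judge.
SAMPLE_LOG = """
(0.000000) can0 1A0#0000
(0.005000) can0 2B0#11
(0.010000) can0 1A0#0000
(0.020000) can0 1A0#0001
(0.030000) can0 1A0#0001
(0.040000) can0 1A0#0002
(0.050000) can0 1A0#0002
(0.060000) can0 1A0#0003
(0.061000) can0 1A0#FFFF
(0.062000) can0 1A0#FFFF
(0.070000) can0 1A0#0003
(0.080000) can0 1A0#0004
(0.105000) can0 2B0#11
""".strip().splitlines()

def detect(lines=SAMPLE_LOG):
    return find_injected_frames(parse_candump(lines))

if __name__ == "__main__":
    for ts, can_id, data in detect():
        print(f"suspicious frame at {ts:.3f}s id={can_id} data={data}")
```

A real bus has jitter and event-driven IDs that are not periodic at all, so a production monitor would learn per-ID tolerances over a longer window rather than a fixed ratio. Detection also only tells you the injection happened; it does not stop it. The structural fix is message authentication on the bus (for example the AUTOSAR SecOC scheme), which classic CAN does not provide on its own.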
A similar threat applies to industrial control systems, which have a decades-long history. Many industrial machines rely on supervisory control and data acquisition (SCADA), a technology designed decades ago with little thought given to security. As a result, an attacker with physical access to a SCADA system can cause significant damage to industrial facilities and critical infrastructure.
Similar threats apply to medical devices. An attacker could gain access to an implantable device such as a cardioverter-defibrillator, or an external device such as an insulin pump, and load malicious firmware onto it.
Side-channel attack:
A side-channel attack is the IT equivalent of spotting a liar by their nervous behaviour rather than by what they say. Instead of breaking the cipher mathematically, the attacker infers the secret key from what the device leaks while it works: how long an operation takes, how much power it draws, its electromagnetic or optical emanations, even the sounds its electronic components make. There are myriad variations, but all of them rely on the implementation revealing information that the algorithm itself never would.
Side-channel attacks are a threat to IoT devices as well as traditional IT infrastructure, but IoT is the softer target. IoT systems typically use weaker authentication, have fewer layers of defence than conventional IT infrastructure, and sit where an attacker can get physically close enough to take the measurements.
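The cheapest side channel to exploit over a network is timing, and the weak authentication just mentioned is where it bites: a device that checks a token byte by byte and stops at the first mismatch tells the attacker, through its response time, how many leading bytes were right. The simulation below is an added example written for this page, not code from the article. The device, its token `7f3a9c`, the hex alphabet and the class names are constructed; the `ops` counter stands in for the response time a real attacker would measure with many repeated requests and some statistics.

```python
import hmac

# Constructed secret: the token a device expects in an API call or pairing step.
SECRET_TOKEN = b"7f3a9c"
ALPHABET = b"0123456789abcdef"

class LeakyDevice:
    """Simulated device that compares tokens byte by byte and stops at the first
    mismatch. `ops` counts comparison steps and stands in for the response time
    an attacker would measure over the wire or on a power trace."""
    def __init__(self, token: bytes):
        self._token = token
        self.ops = 0

    def check(self, guess: bytes) -> bool:
        self.ops = 0
        if len(guess) != len(self._token):
            return False
        for a, b in zip(guess, self._token):
            self.ops += 1
            if a != b:            # early exit: work done depends on the secret
                return False
        return True

class ConstantTimeDevice(LeakyDevice):
    """Same device with the comparison fixed: hmac.compare_digest does not exit
    early, so the work done no longer depends on how many bytes matched."""
    def check(self, guess: bytes) -> bool:
        self.ops = len(self._token)
        return hmac.compare_digest(guess, self._token)

def recover_token(device: LeakyDevice, length: int) -> bytes:
    """Recover the token one byte at a time: for each position try every
    alphabet byte and keep the one that made the device do the most work.
    Costs length * len(ALPHABET) queries instead of len(ALPHABET) ** length."""
    known = b""
    for pos in range(length):
        best_byte, best_ops = None, -1
        for c in ALPHABET:
            guess = known + bytes([c]) + b"\0" * (length - pos - 1)
            if device.check(guess):       # only possible on the final byte
                return guess
            if device.ops > best_ops:
                best_byte, best_ops = c, device.ops
        known += bytes([best_byte])
    return known

if __name__ == "__main__":
    print("leaky device   :", recover_token(LeakyDevice(SECRET_TOKEN), len(SECRET_TOKEN)))
    print("constant-time  :", recover_token(ConstantTimeDevice(SECRET_TOKEN), len(SECRET_TOKEN)))
```

Against the leaky device the attack needs 6 x 16 = 96 guesses for a six-character hex token instead of 16^6; against the constant-time device every guess costs the same, so the recovery loop has nothing to lock onto and returns junk. The fix is one line, which is why any secret comparison on a device (tokens, MACs, pairing codes) should use a constant-time compare rather than `==`.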
Cryptanalysis attack:
In this type of attack, the adversary tries to recover an encrypted message without having the key. Examples include brute-force attacks, in which every possible key (or password) is tried in turn, and the known-plaintext attack, with roots stretching back to WWII codebreaking, in which the attacker holds some unencrypted text together with its encrypted counterpart and uses the pair to recover the key. The “man-in-the-middle” attack, in which the attacker sits between two network nodes and relays their traffic, is often listed in this category as well; strictly it is a network attack, and it only defeats encryption when the two endpoints fail to authenticate each other.
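Known-plaintext attacks are far from historical in IoT, because cheap devices still ship with home-grown ciphers and predictable message formats (a status line that always starts the same way is a crib). The following worked example, added here and not part of the article, shows the attack against repeating-key XOR, a scheme that turns up in real firmware more often than it should. The key `k3y!`, the two status messages and the function names are constructed for the demonstration.

```python
def xor_with_key(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Encrypting and decrypting are the same operation."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def recover_key(known_plain: bytes, known_cipher: bytes, max_key_len: int = 32):
    """Known-plaintext attack on repeating-key XOR. XORing the pair together
    exposes the keystream; the shortest period that reproduces the whole known
    pair is the key. Caveat: the known text must be longer than the key, or a
    short bogus key will trivially 'explain' the sample (see the test below)."""
    if len(known_plain) != len(known_cipher):
        raise ValueError("plaintext and ciphertext lengths differ")
    keystream = bytes(p ^ c for p, c in zip(known_plain, known_cipher))
    for key_len in range(1, min(max_key_len, len(keystream)) + 1):
        candidate = keystream[:key_len]
        if xor_with_key(known_plain, candidate) == known_cipher:
            return candidate
    return None

# Constructed sample: a device that XORs every status line with the same key.
KEY = b"k3y!"
KNOWN_PLAIN = b"STATUS:OK temp=21"            # the crib the attacker knows
KNOWN_CIPHER = xor_with_key(KNOWN_PLAIN, KEY)
INTERCEPTED = xor_with_key(b"VALVE:CLOSE line=7", KEY)

def decrypt_intercepted(known_plain=KNOWN_PLAIN, known_cipher=KNOWN_CIPHER,
                        intercepted=INTERCEPTED):
    """Use one known pair to recover the key, then read a message the
    attacker has no plaintext for."""
    key = recover_key(known_plain, known_cipher)
    if key is None:
        return None
    return xor_with_key(intercepted, key)

if __name__ == "__main__":
    print("recovered key :", recover_key(KNOWN_PLAIN, KNOWN_CIPHER))
    print("decrypted     :", decrypt_intercepted())
```

The brute-force attack the text mentions is the fallback when no plaintext is known: for a key this short it is only 2^32 trials, which is the real lesson for IoT designers. A proper cipher with a 128-bit key and per-message nonces (AES-GCM or ChaCha20-Poly1305) makes both the crib and the exhaustive search useless.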
Why it’s time to batten down the IoT hatches
After hearing countless predictions about billions of connected devices and trillions in market value, it’s easy to understand why Internet of Things devices are proliferating. But the landscape certainly poses a challenge to cybersecurity professionals. Many of the IoT devices out in the field now have poor security. The complexity of the IoT landscape makes it hard to tick all of the security boxes.
In theory, it should be relatively straightforward to answer questions like these: Is the cloud architecture of your IoT application configured correctly? How many IoT devices are on your network? Are any of them using hard-coded passwords? How would you react if your IoT implementation were hacked? In practice, many organizations cannot answer them.
Security problems that can besiege IoT applications include:
- Lack of mature technologies and business processes: a proliferation of competing standards adds complexity, which in turn makes it easier to introduce vulnerabilities and gives attackers more ways into the enterprise.
- Limited guidance for lifecycle maintenance and management of IoT devices
- Physical security concerns
- Lack of agreement on how to approach authentication and authorization for IoT edge devices
- Lack of best practices for IoT-based incident response activities
- Audit and logging standards are not defined for IoT components
Supply chain vulnerabilities
Enterprises with IoT applications need to establish trustworthiness at each level of the supply chain: people, process, design, manufacturing and delivery. A break in the flow of information at any link can let a vulnerability go unnoticed and open the way to a breach. Enterprises should have a policy in place to prevent unauthorized access to important systems and to weed out rogue vendors who could exploit technical loopholes to obtain sensitive data.