Protecting the Cloud From the IoT
An attack on one device can lead to major security breaches
There are billions of connected devices in use worldwide, and that number is increasing by the millions every year. Unfortunately, many of these IoT devices, as well as those currently being developed and deployed, lack critical security features, making them easy targets for hackers and botnets. Without the proper security measures in place, these devices can lead to catastrophic events.
Once a device is compromised, attackers can steal the data stored on it, which may include personal information, passwords, and even credit card numbers. Worse, the device itself can be turned into a collection point: a smart TV with a microphone and camera becomes a listening device that harvests audio and video, and any compromised device can sniff the traffic on its network segment, exfiltrate it for offline analysis, and map the network layout to find further targets.
Many IoT devices collect data from a variety of sensors, transmit it to a cloud system for analysis, and feed it into business systems. Once a device is compromised, the data it produces cannot be trusted. Furthermore, many IoT devices lack strong authentication, so the cloud systems collecting their data cannot tell whether they are receiving it from an authentic device at all. An attacker can build a clone or spoofed device that feeds bad data to the cloud system, corrupting the business processes that depend on it.
Stealing network credentials
Researchers and attackers have extracted Wi-Fi passwords from practically every category of smart device: lightbulbs, door locks, doorbells, baby monitors, and even toys. Once an IoT device is compromised, it is often used as an ingress point for attacks deeper into the network and for extracting data found there. For example, in 2017, attackers stole 10 GB of data from a casino after gaining a foothold through an internet-connected fish tank.
IoT devices with static or default credentials have enabled large IoT botnets to proliferate. The Mirai botnet, the poster child for IoT botnets, infected hundreds of thousands of devices and was used to launch large-scale, coordinated denial-of-service attacks against multiple targets, including the DNS provider Dyn, causing crippling problems for large portions of the internet in Europe and North America. Mirai scanned large blocks of the internet looking for open telnet ports, then attempted to log in with a short list of known default username/password combinations. This allowed it to amass an army of more than 600,000 devices, which it used to flood targets, including Dyn, with enough traffic to knock numerous servers offline.
In many cases, IoT devices control critical systems in manufacturing, health care, transportation, and critical infrastructure. Past examples include an attack against a control system in a German steel mill that caused a blast furnace to be damaged, attacks against the power grid in Ukraine and intrusions into utility networks in the U.S., demonstrated attacks against aircraft systems, and the notorious Chrysler Jeep hack in which security researchers remotely took control of a Jeep Grand Cherokee and drove it off the road.
Systems that control data centers, including power supplies, HVAC systems, and building security systems, are all vulnerable to cyberattacks. Attacks against these systems can directly impact data centers and cloud-based computing operations.
Vulnerabilities in IoT devices
Rushing new IoT devices to market results in design vulnerabilities such as hard-coded passwords, control interfaces that do not require user authentication, and communication protocols that send sensitive information in the clear. The same time pressure means devices ship without secure boot and without authenticated remote firmware updates, so a compromise cannot be prevented at boot time or repaired in the field.
Manufacturers must begin addressing these security vulnerabilities by first evaluating their device’s vulnerabilities, deciding what to protect against, and then determining the required security features.
Adding a handful of basic security capabilities to IoT devices greatly reduces the risk of a cyberattack. These functions, which can be built in during the design phase, ensure the secure identity and integrity of the devices across multiple use cases, including industrial IoT (IIoT), automotive, aviation, smart cities, energy, medical, and more.
Secure Boot
Secure boot uses cryptographic code signing to ensure the device only executes code produced by the device OEM or another trusted party: the boot ROM verifies the signature on the next stage against a public key fixed in the hardware before executing it. Secure boot prevents attackers from replacing the firmware with a malicious version, blocking a wide range of persistent attacks.
Secure Remote Firmware Updates
Secure updates allow devices to be updated, but only with firmware signed by the device OEM or another trusted party. Like secure boot, secure firmware updates ensure the device is always running trusted code and block attempts to exploit the update process itself, including downgrading a device to an older firmware version with known vulnerabilities.
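The two checks above, image signature verification for secure boot and the same verification plus anti-rollback for updates, are small enough to show in full. The following is an added example written for this article, not code from any OEM or the page's author; the image layout (a "FWIM" magic, a big-endian version and payload length, the payload, then a 64-byte Ed25519 signature over everything before it) is an assumption made for the example. The OEM public key stands in for a key burned into ROM or OTP fuses.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Image layout (assumed for this example, not any vendor's format):
//   magic[4]="FWIM" | version uint32 BE | payloadLen uint32 BE | payload | signature[64]
// The signature covers everything before it, so the version and length are
// authenticated together with the code.
var magic = []byte("FWIM")

const hdrLen = 4 + 4 + 4

var (
	ErrFormat    = errors.New("malformed image")
	ErrSignature = errors.New("signature does not verify under the OEM key")
	ErrRollback  = errors.New("image version is older than the installed version")
)

// BuildImage is the OEM signing step: wrap the payload in the header and sign.
// The private key stays at the OEM; the device only ever holds the public key.
func BuildImage(priv ed25519.PrivateKey, version uint32, payload []byte) []byte {
	var buf bytes.Buffer
	buf.Write(magic)
	binary.Write(&buf, binary.BigEndian, version)
	binary.Write(&buf, binary.BigEndian, uint32(len(payload)))
	buf.Write(payload)
	buf.Write(ed25519.Sign(priv, buf.Bytes()))
	return buf.Bytes()
}

// VerifyImage is the boot-ROM / updater side. pub is the OEM public key fixed
// in hardware; installed is the running version, used to refuse downgrades.
// The payload is returned only when every check passes.
func VerifyImage(pub ed25519.PublicKey, installed uint32, img []byte) (uint32, []byte, error) {
	if len(img) < hdrLen+ed25519.SignatureSize || !bytes.Equal(img[:4], magic) {
		return 0, nil, ErrFormat
	}
	version := binary.BigEndian.Uint32(img[4:8])
	plen := binary.BigEndian.Uint32(img[8:12])
	if uint64(hdrLen)+uint64(plen)+ed25519.SignatureSize != uint64(len(img)) {
		return 0, nil, ErrFormat
	}
	signed, sig := img[:hdrLen+plen], img[hdrLen+plen:]
	// Verify before trusting anything else in the image: unauthenticated bytes
	// must not influence parsing or flashing decisions.
	if !ed25519.Verify(pub, signed, sig) {
		return 0, nil, ErrSignature
	}
	if version < installed {
		return 0, nil, ErrRollback
	}
	return version, signed[hdrLen:], nil
}

func main() {
	oemPub, oemPriv, _ := ed25519.GenerateKey(rand.Reader)
	img := BuildImage(oemPriv, 2, []byte("constructed firmware payload v2"))
	v, _, err := VerifyImage(oemPub, 1, img)
	fmt.Println("genuine image: version", v, "err", err)

	tampered := append([]byte(nil), img...)
	tampered[20] ^= 0x01 // flip one bit inside the payload
	_, _, err = VerifyImage(oemPub, 1, tampered)
	fmt.Println("tampered image:", err)

	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, _, err = VerifyImage(oemPub, 1, BuildImage(attackerPriv, 3, []byte("malicious build")))
	fmt.Println("attacker-signed image:", err)

	_, _, err = VerifyImage(oemPub, 2, BuildImage(oemPriv, 1, []byte("old vulnerable build")))
	fmt.Println("rollback attempt:", err)
}
```

The order of checks matters: the signature is verified over the raw bytes before the version or payload are acted on, and the installed version is compared only after the image is known to be genuine, so an attacker cannot use a forged header to trigger either a downgrade or a parser bug.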
Security Protocols
The use of security protocols such as TLS, DTLS, and IPsec adds authentication and data-in-motion protection to IoT devices. Because critical data is no longer sent in the clear, it is much more difficult for an attacker to eavesdrop on communications and discover passwords, device configurations, or other sensitive information.
Embedded Firewalls
Embedded firewalls provide rules-based filtering and intrusion detection by building firewall functionality directly into the device rather than relying on a perimeter appliance. An embedded firewall reviews incoming packets from the internet or the local network against a set of rules and, in its simplest form, rejects any packet that is not for an explicitly approved service, so an exposed telnet or debug port is unreachable even if it is still listening. Stateful packet inspection (SPI) extends this by tracking connections the device has opened, so that only genuine replies are admitted, and by dropping segments with invalid or unsolicited TCP flag combinations of the kind used in scanning and denial-of-service attacks.
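As an added example (not code from the article or any firewall product), the following is a default-deny stateful filter of the kind described above, in Go. The packet structure and the traffic it is fed are constructed for the example; the allowed service port (443, assumed to be the device's own TLS management interface) and the per-source SYN budget are illustrative choices. Outbound traffic is recorded so that replies get back in; everything else inbound is dropped unless it is a SYN to an approved service within the SYN budget.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Packet is a simplified view of what the IP stack hands the filter.
// It is constructed for this example, not parsed from a real capture.
type Packet struct {
	Src, Dst           netip.Addr
	SrcPort, DstPort   uint16
	Proto              string // "tcp" or "udp"
	SYN, ACK, FIN, RST bool
	Inbound            bool // true when arriving from the network
}

// flow identifies a connection from the device's point of view.
type flow struct {
	remote     netip.Addr
	remotePort uint16
	localPort  uint16
	proto      string
}

// Firewall is a default-deny stateful filter: inbound packets are accepted only
// for explicitly allowed services or for flows the device itself opened.
type Firewall struct {
	allowed     map[uint16]bool    // local ports that may receive unsolicited traffic
	established map[flow]bool      // flows opened by the device or an accepted SYN
	synBudget   map[netip.Addr]int // inbound SYNs remaining per source this window
	synLimit    int
}

func NewFirewall(allowedPorts []uint16, synLimit int) *Firewall {
	fw := &Firewall{allowed: map[uint16]bool{}, established: map[flow]bool{},
		synBudget: map[netip.Addr]int{}, synLimit: synLimit}
	for _, p := range allowedPorts {
		fw.allowed[p] = true
	}
	return fw
}

// ResetWindow would be called by a timer to refill the per-source SYN budget.
func (fw *Firewall) ResetWindow() { fw.synBudget = map[netip.Addr]int{} }

// Filter returns whether the packet is accepted, and the rule that decided it.
func (fw *Firewall) Filter(p Packet) (bool, string) {
	if p.Proto == "tcp" && ((p.SYN && p.FIN) || !(p.SYN || p.ACK || p.FIN || p.RST)) {
		return false, "invalid TCP flag combination" // SYN+FIN and null scans
	}
	if !p.Inbound {
		// The device opened (or is continuing) this flow; remember it for replies.
		fw.established[flow{p.Dst, p.DstPort, p.SrcPort, p.Proto}] = true
		return true, "outbound"
	}
	key := flow{p.Src, p.SrcPort, p.DstPort, p.Proto}
	if fw.established[key] {
		if p.FIN || p.RST {
			delete(fw.established, key) // connection is closing; stop admitting it
		}
		return true, "reply to established flow"
	}
	if p.Proto == "tcp" && !p.SYN {
		return false, "unsolicited non-SYN segment" // ACK scans, spoofed mid-stream data
	}
	if !fw.allowed[p.DstPort] {
		return false, "no allowed service on port" // e.g. telnet on 23
	}
	if p.Proto == "tcp" {
		if _, seen := fw.synBudget[p.Src]; !seen {
			fw.synBudget[p.Src] = fw.synLimit
		}
		if fw.synBudget[p.Src] <= 0 {
			return false, "SYN rate limit exceeded"
		}
		fw.synBudget[p.Src]--
		fw.established[key] = true // the rest of this handshake may now come in
	}
	return true, "allowed service"
}

func main() {
	fw := NewFirewall([]uint16{443}, 3)
	attacker, dev := netip.MustParseAddr("198.51.100.7"), netip.MustParseAddr("192.0.2.10")
	fmt.Println(fw.Filter(Packet{Src: attacker, Dst: dev, SrcPort: 40000, DstPort: 23, Proto: "tcp", SYN: true, Inbound: true}))
	fmt.Println(fw.Filter(Packet{Src: attacker, Dst: dev, SrcPort: 40001, DstPort: 443, Proto: "tcp", SYN: true, Inbound: true}))
	fmt.Println(fw.Filter(Packet{Src: attacker, Dst: dev, SrcPort: 40002, DstPort: 443, Proto: "tcp", ACK: true, Inbound: true}))
}
```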
Secure Elements or TPM Integration
OEMs, including medical device manufacturers, should use a secure element for key storage, whether a trusted platform module (TPM)-compliant part or an embedded secure element. Keeping keys in a secure element allows secure boot and public key infrastructure (PKI) enrollment to use key pairs that are generated inside the secure element and never leave it, which provides a very high level of protection against key extraction.
Data-at-Rest Protection
Security protocols protect data while it is transmitted across networks, but they do not protect data while it is stored on the device. Large data breaches often result from data recovered from stolen or discarded equipment. Encrypting all sensitive data stored on the device protects it should the device be discarded, stolen, or accessed by an unauthorized party. For instance, most office, business, and personal printers contain an integrated drive that can store thousands of documents.
Certificate-Based Authentication and Identity
Device identity certificates, signed by a manufacturer CA and bound to a key pair generated on the device, can be injected into devices during manufacturing. This allows each device to be authenticated when it is installed on a network and before it communicates with other devices or the cloud, and it lets the cloud side reject a cloned or spoofed device that presents a certificate not issued by the manufacturer.
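The following added example (written for this article, not taken from any vendor's provisioning tooling) shows the whole chain in Go's standard library: a factory CA, a per-device certificate minted at provisioning time, the cloud-side check that the TLS stack performs on a client certificate, and the same trust anchor wired into a TLS server configuration so the handshake itself enforces it. The CA name, device serial number, and lifetimes are assumptions; in production the device key pair would be generated inside the secure element rather than in software as here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue generates a P-256 key and a certificate for it. With parent == nil the
// certificate is self-signed (a root CA); otherwise it is signed by parentKey.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	signer := parentKey
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// NewFactoryCA models the manufacturer's device-signing CA (name is assumed).
func NewFactoryCA(name string) (*x509.Certificate, *ecdsa.PrivateKey) {
	return issue(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(10 * 365 * 24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}, nil, nil)
}

// ProvisionDevice is the factory step: a per-device key pair and a certificate
// binding the device serial to the factory CA, restricted to client authentication.
// lifetime is a parameter only so the example can mint an already-expired cert.
func ProvisionDevice(ca *x509.Certificate, caKey *ecdsa.PrivateKey, serial string, lifetime time.Duration) (*x509.Certificate, *ecdsa.PrivateKey) {
	return issue(&x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: serial, OrganizationalUnit: []string{"IoT devices"}},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(lifetime),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}, ca, caKey)
}

// AuthenticateDevice is the cloud-side check, the same one tls.Config applies to a
// client certificate: chain to the factory CA, be valid now, and be allowed for
// client authentication. On success it returns the authenticated serial number.
func AuthenticateDevice(factoryCA, presented *x509.Certificate) (string, error) {
	roots := x509.NewCertPool()
	roots.AddCert(factoryCA)
	_, err := presented.Verify(x509.VerifyOptions{Roots: roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}})
	if err != nil {
		return "", err
	}
	return presented.Subject.CommonName, nil
}

// CloudServerConfig wires the same trust anchor into a TLS listener, so devices
// without a factory-issued certificate fail the handshake before sending data.
func CloudServerConfig(factoryCA *x509.Certificate, serverCert tls.Certificate) *tls.Config {
	roots := x509.NewCertPool()
	roots.AddCert(factoryCA)
	return &tls.Config{Certificates: []tls.Certificate{serverCert},
		ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: roots, MinVersion: tls.VersionTLS12}
}

func main() {
	ca, caKey := NewFactoryCA("Example Corp Device CA")
	genuine, _ := ProvisionDevice(ca, caKey, "SN-000123", 5*365*24*time.Hour)
	fmt.Println(AuthenticateDevice(ca, genuine))

	// A clone: same serial and even the same CA name, but signed by the attacker's key.
	rogueCA, rogueKey := NewFactoryCA("Example Corp Device CA")
	clone, _ := ProvisionDevice(rogueCA, rogueKey, "SN-000123", time.Hour)
	fmt.Println(AuthenticateDevice(ca, clone))
}
```

Note that the clone fails even though its subject and issuer names are identical to the genuine device's: the check is the signature chain to the key the cloud trusts, not anything the device claims about itself.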
The IoT User Factor
As users of IoT devices, there is less we can do to ensure security. Consumers are unlikely to know whether a connected device is secure, so they have little ability to reward security with their purchasing choices. However, when a product does offer built-in security, users must enable the appropriate security settings, change default passwords, and choose strong ones.
At the end of the day, the responsibility of IoT security falls largely on enterprises that can put their dollars to work by purchasing only devices with strong levels of security.
The cameras that were infected and used as bots in the Mirai outbreak could have been protected from that attack: Mirai got in over an exposed telnet port with default credentials, so per-device credentials, an embedded firewall blocking unsolicited inbound connections to that port, or intrusion detection that flagged the login attempts, individually or in any combination, would have stopped it. Secure boot and authenticated updates would then have kept the device on trusted firmware even if some other foothold had been found.
By adding a few basic capabilities, the security of any IoT device can be significantly increased. And by protecting the IoT edge devices — the endpoints that need to be connected to the cloud to provide valuable services and features — the data centers and the cloud they support can be protected as well.