How better security could fix the 'broken' IoT

Author: DJ Singh, Digital Strategy Architect, Wipro Digital

IoT promises to connect products across industries: making our cars safer, improving fleet/inventory/asset management and tracking, machines and vehicles sharing remote diagnostic information, improving healthcare outcomes, and home automation. However, a lack of robust security models is a major concern holding back the rapid growth experts predict. The vulnerabilities of IoT could undermine the entire ecosystem, destroying users’ privacy and putting organisations’ private data and IP at risk.

We love our interconnectivity, but the cost may be too high – is the risk worth the reward?
Critical infrastructures – from gas pipelines to electric grids – have suffered cyber-attacks through vulerabilities in their computing systems. For example, a maintenance technician’s laptop was used to infect the otherwise isolated control system of a power plant by creating a backdoor that hackers could commandeer.

Security experts have demonstrated numerous severe vulnerabilities in connected cars, which has prompted legislators to introduce legal requirments for car manufacturers to ensure security and data privacy measures are in place.

Medical devices in hospitals, Insulin pumps with bluetooth interfaces, and even pacemakers have been easily compromised by security experts with the intention of highlighting risks posed by connected devices.

‘Smart’ but not safe – three ways hackers compromised home automation systems:

1. A new WiFi-connected ‘smart socket’ allows users to turn on or off any electric appliance connected to the socket. A security review revealed that the socket shared data to the manufacturer’s server located in China. The poorly implemented data encryption allowed hackers to manipulate the device via its exposed MAC.
2. A cloud-based baby monitor service allowing users access the devices over the internet has a vulnerability allowing hackers to easily extract the device’s serial number. Simply incrementing the digits allows access to other cameras.
3. Another web/WiFi camera from a major brand uses a telnet/web service that has multiple Cross Site Scripting vulnerabilities allowing unauthorised access to the camera’s functions and file storage. Furthermore, these cameras are proxied to a cloud provider that has port numbers assigned in an easy to guess pattern making them vulnerable to enumeration attacks.

Why is it so complicated to secure IoT systems?
The IoT supports devices from a large number of manufacturers, who will implement ‘backdoors’ they can access to make changes, bbut unless field devices use mutual authentication or other encryption techniques, firmware updates can be compromised. Even if individual devices are designed with device-level security, an interconnected architecture may still expose vulnerabilities.

Electronic devices in general have accessible interfaces such as JTAG ports and MAC addresses that provide an increased ‘attack surface’ and make devices vulnerable to invasive attacks that reverse engineer security. Also, devices invariably share components and firmware across product lines, allowing a vulnerability detected in one system to be exploited in another one using the same chipset.

Most IoT systems also have field sensors that can be subject to physical security issues: critical sensors can malfunction if subjected to higher operating temperatures or voltage ranges. They can simply be vandalised, or even replaced with rogue devices connected to a cybercriminal’s Bot network.

Quite often, IoT devices are ‘watered down’ versions of more sophisticated systems, which may lead to vulnerabilities. For example, the consumer version of a thermostat made by an industrial HVAC manufacturer had security vulnerabilities not found in the industrial-grade version.

In cases like the widely reported hacking of baby monitors, some devices may have hardcoded default passwords that users did not change, thus making them vulnerable.

How can IoT systems be made safer?
IoT systems must be designed to prevent attacks, be resilient under attacks and be able to detect and recover from such attacks.

One example would be secure chips with secret keys, which can make it difficult for malicious actors to introduce rogue devices undetected. To make critical devices harder to reverse engineer, physical unclonable functions can be used to create unique identifiers that only exist when the chip is powered up.

When a hacker gains access to a device, there are several ways to reduce damage:

1. Shrink the size of your trusted computing base to minimise the attack surface.
2. When performing calculations across multiple computers, only share encrypted data with other systems.
3. Similarly, ensuring integrity of data store as well as integrity of computation (to prevent buffer overflow attacks) can help systems quickly recover after attacks.

Identity is at the foundation of security – it’s equally important to create a robust and comprehensive notion of identity for IoT devices. Identity works together with analytics to gain insights and present them in an easy-to-comprehend visual, which will help create an advanced landscape of threats, especially for large-scale IoT systems.

What happens next?
Industry players often shy away sharing or reporting vulnerabilities to avoid negative publicity that may hurt their business, making it difficult for the industry to address security issues in a proper manner.

However, some organisations are taking notice. The healthcare industry is working closely with a consortium of medical device manufacturers to share data, identify vulnerabilities, and define standards. The automobile industry has also established a security standard, paving the way for better collaboration to make automobiles safer from cyber attacks.

Players in the IoT ecosystem must work together to clearly define the scope of risks IoT systems face, share data on vulnerabilities, define safety classes of devices, and inform and educate consumers of the potential risks of using IoT systems. This should help establish a robust security model for IoT, removing the bottleneck preventing the explosive growth that experts predicted – without putting users’ privacy at stake.