By Puneet Bajaj
IoT is used by the industries that require understanding of consumer needs in real time to become more responsive. It would improve machine and system quality on the fly, streamline operations and discover innovative ways to improve their digital transformation strategy and customer service experience.
Ideally, manufacturers of new IoT device will build better security into their products, but there are no guarantees. We nevertheless accept vendors (most of the time don’t even verify) who don’t realise security or don’t care much about it. The potential of attackers to shut down or corrupt the actions of IoT devices that control equipment or interact in some other way with the physical world has long been the source of many scary scenarios. Be it by compromising Internet-connected pacemakers, smart cars or power plant equipment, the threat of attackers causing real-world damage is terrible. Although the attacks majorly fall under DDoS category, the non-DDoS IoT attack involves objectives such as gathering proprietary information or conducting espionage.
Botnets and Thingbots
A botnet is typically a collection of connected computers that are used to carry out repetitive tasks. However, illegal botnets gain access to computers by infecting them with malicious code. This code then adds the computer to the botnet. Most of the time people don’t even know their computer has been compromised. Now, if we replace the botnet computers with IoT and connected devices – so your smartwatch, your smart TV, your home hub (Alexa, Google, Apple, etc.) and your smart fridge – we’ve made ourselves an Internet of Things botnet, known in short as a Thingbot.
One noticeable attack occurred when the Mirai botnet attacked Dyn, a company that provides domain name services to major companies including Netflix, GitHub, Twitter, and Reddit.
Brute force password attack
Brute force attack includes figuring and applying common passwords and a program that is designed to establish a Telnet session using each word on the dictionary list. Also, the phase of Brute force attack involves the attacker using a program that creates sequential character combinations in an attempt to “guess” the password. It might take a longer time, but Brute force attack can crack almost all passwords used.
One notable arrival on the IoT scene was VPNFilter- the malware devised to infect routers and some types of storage devices. VPNFilter is notable as it can persist even if the infected device is rebooted. It can carry a range of payloads that can, for example, capture and exfiltrate data or steal credentials. One of its more troubling actions is the interception of the Supervisory Control and Data Acquisition (SCADA) protocol communications used by much industrial plant machinery.
Man in the middle attack (MITM)
The concept is where an attacker or hacker is looking to interrupt and breach communications between two separate systems. This attack can be fatal as the attacker secretly blocks and catches the transmission of the messages between two parties, wherein the participants are unaware of the intervention. The attacker, having original communication, can use the same for any destructive intentions.
Data and identity theft
The main strategy of identity theft is to gather data. General data available on the internet, combined with social media information, plus data from smartwatches, fitness trackers and many more give a great all-round idea of your identity. The more the details are obtained about the user, the more easier it is to attack the aimed target for the identity theft.
IoT devices have become more commonplace in homes and offices. Unfortunately, hackers will develop more cunning ways to exploit them. Hence, there is a need to protect the IoT devices of the users. Getting into the below-mentioned security habits can protect you from a wide variety of IoT attacks-
Password management: Look for ways to set strong passwords, as strong passwords on the routers can prevent the type of DDoS attack. Also, change your passwords frequently and use strong passwords randomly mixing upper and lowercase letters with other special characters.
Frequent checks of OS patching: It is recommended to regularly check and install the IoT firmware updates that are released regularly for the vulnerabilities. If you have numerous devices to protect, use automated patch management software and schedule the updates accordingly.
Isolation of networks: When you’re dealing with IoT devices, it’s wise to segregate them in a separate network unconnected to your main office network. Isolation of networks will provide restricted access to the internet and protecting mission critical files.
Access management: Organisations should have a fair idea about who is possessing access to the infrastructure. It is recommended to restrict the privileges to the users to operate on these devices.
Encryption of data: Encryption plays a significant role in data protection. It helps in securing data both while in transition and at rest. For protecting data in transit, businesses often choose to encrypt sensitive data before moving and or use encrypted connections to protect the contents. For protecting data at rest, businesses can simply encrypt sensitive files before storing them and choose to encrypt the storage drive itself.
Following the above best practices will help but doesn’t guarantees what new threats will get released on a daily basis hence keeping systems updated, isolated and data encrypted becomes a core principle for maintaining IoT environments.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]