IoT technologies offer many remarkable benefits. They can make complicated tasks, such as tracking a fleet of thousands of vehicles, monitoring and adjusting manufacturing processes, or automating a smart home or office, simpler, easier and more cost-effective than ever before. By inviting IoT devices into our homes, workplaces and public spaces, however, we also expose new attack surfaces. When we assign an IoT system to be responsible for a critical task or trust it to monitor sensitive information in our most private spaces, we want to ensure that the system can be trusted. For this reason, it is vital that security best practices are applied at all stages when developing an IoT solution.
Familiar Old Friends
Although IoT systems introduce a slew of new security considerations, we must also remember all of our old internet security best practices. The goal of many if not most IoT systems is to monitor and surface information to human users. We need to be sure to use best practices for user management, authorization, authentication and data storage. Hashing passwords, sanitizing inputs, using SSL for all connections and using tools like two-factor authentication are standard practices across the technology industry. The IoT sector is, or should be, no different.
Because of the often sensitive and sometimes personal nature of the information gathered and generated by an IoT system, access control is also of paramount importance. Permissioning needs to be considered at the project, sub-system, device-class or even individual-device level. One of the most important steps in creating an IoT solution is considering who should have access to what data. While the permissioning for this type of system might be more granular than many others because of the sheer number of devices involved, the same basic principles apply.
New Horizons
In addition to all of the old familiar security considerations, IoT systems introduce a host of new risks and perils.
It is crucial for any company considering the deployment of an IoT system to identify a trusted hardware partner, as so many of the security risks inherent in IoT systems begin at the hardware level.
IoT devices store and use cryptographic keys to transmit their data through a gateway and (often) onward across the broader internet. Access to these cryptographic keys can allow malicious actors to spoof device data and wreak havoc on IoT systems. Because physical access to these devices in many cases can’t be controlled as rigorously as it can be with traditional computing devices, it is important that measures are taken to prevent physical device-level tampering. In some cases, where proprietary data and code are stored on the device, it may even be appropriate for the device to self-sabotage, destroying all onboard data when unauthorized access is detected.
In a world in which IoT devices control physical processes involving business operations and human safety, failure to properly secure IoT hardware can result in lost revenue or, in the worst case, lost lives. Even attacks that are seemingly less ominous can be extremely damaging to a company’s brand and the trust of its customers. Recent attacks that compromised IoT devices, particularly webcams, to build giant botnets for launching Distributed Denial of Service (DDoS) attacks are prime examples of this. A key part of these types of attacks is that the attack remains undetected. By their nature, then, these attacks are not immediately damaging to the hardware and software systems of targeted companies. Once it is discovered and disclosed that a company’s IoT devices have been compromised, however, the loss of trust that customers have in that company’s products can be devastating.
In many ways, IoT software solutions are only as good as the data being fed to them by hardware. If a hacker were to gain access to a device, extract its cryptographic keys or patch its firmware with malicious code, it would be very hard to detect that the device had been compromised, because IoT data, being generated in the asymmetrical real world, is often unpredictable. It can be helpful, however, to run data analysis to ensure that devices are reporting as expected. For instance, if a device seems to be reporting more frequently than expected, it could be a sign that the device’s unique ID is being used to spoof data. Setting boundaries and expectations on your data can highlight irregularities that may indicate nefarious activity on your network. It is also appropriate in many situations to know the exact parameters that a device’s message specification should follow and to allow only certain types and fields of data to be written to storage or acted upon.
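The two checks described above, sketched as an ingest gate. This is an added example, not code from the original article; the field names, value ranges, rate ceiling and sample messages are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed message specification for one device class: field -> (type, min, max).
SPEC = {
    "device_id": (str, None, None),
    "temp_c": (float, -40.0, 85.0),
    "humidity": (float, 0.0, 100.0),
}
MAX_REPORTS, WINDOW_S = 3, 60  # assumed ceiling: 3 reports per device per 60 s

def validate(msg):
    """Return spec violations; an empty list means the message conforms."""
    problems = [f"unexpected field: {k}" for k in msg if k not in SPEC]
    for name, (typ, lo, hi) in SPEC.items():
        if name not in msg:
            problems.append(f"missing field: {name}")
        elif not isinstance(msg[name], typ):
            problems.append(f"bad type: {name}")
        # Written as "not (in range)" so that NaN, which fails every
        # comparison, is rejected instead of slipping through.
        elif not ((lo is None or msg[name] >= lo) and (hi is None or msg[name] <= hi)):
            problems.append(f"out of range: {name}")
    return problems

class IngestGate:
    def __init__(self):
        self.recent = defaultdict(deque)  # device_id -> receive times in window

    def ingest(self, msg, received_at):
        """Return (status, reasons) where status is 'store', 'drop' or 'review'.

        Rate is measured on gateway receive time, not on a device-supplied
        timestamp, which a spoofing sender could choose freely."""
        reasons = validate(msg)
        if reasons:
            return "drop", reasons
        q = self.recent[msg["device_id"]]
        q.append(received_at)
        while q[0] <= received_at - WINDOW_S:
            q.popleft()
        if len(q) > MAX_REPORTS:
            return "review", ["reporting more often than expected"]
        return "store", []

def run_sample():
    """Feed constructed (receive_time, message) pairs through the gate."""
    ok = {"device_id": "dev-1", "temp_c": 21.5, "humidity": 40.0}
    sample = [(0, ok), (20, ok), (25, {**ok, "cmd": "reboot"}),
              (30, {**ok, "temp_c": 900.0}), (40, ok), (45, ok),
              (50, {**ok, "device_id": "dev-2"}), (120, ok)]
    gate = IngestGate()
    return [gate.ingest(m, t)[0] for t, m in sample]
```

Messages that fail the specification never reach storage, while a conforming message from a device that exceeds its expected rate is held for review rather than silently dropped, since the article treats over-reporting as a sign of possible spoofing, not proof.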
IoT Security for the Future
With the introduction of IoT solutions composed of many thousands or even millions of devices, the attack surfaces for these systems are greater than perhaps any other. However, balancing out these risks is the promise of huge, world-changing rewards. As is always the case, working with an experienced IoT solutions provider who can help you navigate this new, exciting, and sometimes frightening world is crucial.