­­­Knock Out the 6 Biggest Threats to Your Cellular IoT Devices

Adam Weinberg -
Cellular Device Security
Illustration: © IoT For All

The upsurge of Internet of Things (IoT) solutions has been both a boost and a bane. It has revolutionized entire industries, powering everything from smart cities to AgriTech. On the other hand, IoT devices’ dependence on cellular connectivity has resulted in introducing new and unprotected endpoints.

The bottom line?

IoT device connectivity is both a strength and a weakness. While such connectivity enables services and applications that positively impact a business, it also puts the devices, the networks upon which they operate, and the organizations themselves at risk. What makes cellular IoT devices unique is that they are vulnerable on multiple fronts.

Who are the main culprits in attacks on cellular IoT devices? Count on your usual collection of classic cybercriminals – hackers, terrorists, criminals, and script kiddies – each motivated by money, challenge, politics, fun, or a combination.

IoT Dangers Posed by Threat Actors

Device Manipulation

Functionality attacks exploit device or network system loopholes to access control functions, which impacts service operation, spreads botnets, or starts denial-of-service attacks – overwhelming the IoT device and network.

During battery drain attacks, threat actors access the network gateway where the device resides and “wake up” a battery system component far more frequently than necessary, draining the batteries and requiring them to be constantly replaced – a costly situation.

Data Channel Rerouting Attacks 

Attackers can sniff out and tamper with sensitive information by altering the path of the data on its way to or from the attacked device in the cellular network.

This can be done by maliciously altering the Access Point Name (APN) registered on the device, revealing the gateway from the cellular network to the open Internet; intervening in Domain Name Server (DNS) resolution to control the IP address resolved for the APN, and utilizing a Man-in-the-Middle fake cell tower to change the IP address of the requested DNS server. Also known as eavesdropping attacks, these can massively disrupt supply chains or even risk lives.

IoT Devices as Attack Tools 

Hackers can use IoT devices themselves as a gateway to exploit device vulnerabilities to enter a company’s internal systems to steal data, trade secrets, and other critical information. They can employ poorly protected IoT devices to launch distributed denial of service (DDoS) attacks, shutting down some or all aspects of a company’s operations.

Denial of Service (DoS) 

Attackers can take devices offline by flooding them with information that triggers a crash, disconnects manufacturing and monitoring systems, halts electricity production, or prevents access to the systems via a targeted DoS attacks.

They can exploit flaws in the cellular network’s connectivity protocols to impersonate the identity of another legitimate device connected to the service, flood the network to deny service to other endpoints, and disrupt an ENTIRE organization or nation with non-targeted DoS attacks.

Lastly, attackers can disable business or national services by disabling the logging service of an IoT device while leaving functionality intact to be used in the next stage of a multi-layered attack – service DoS attacks.

Compromise Identity

ToRPEDO (TRacking via Paging mEssage DistributiOn) attacks allow hackers to recognize a device, find its location, and identify the device owner. IMP4GT attacks help cybercriminals exploit integrity protection flaws in the cellular connectivity protocol to impersonate devices or users and execute uplink and downlink impersonation based on their objectives and opportunities presented by the unsecured network.

Expose Data Location

Attackers can track a device’s physical location by exploiting existing flaws in communication protocols like SS7 and Diameter – and thus endanger valuable assets transported in connected vehicles. They can also discover when a specific device enters a certain geographic location, which may trigger a wider attack to harm devices or business operations in a specific area.

Protecting Against Attacks

It is tempting to relegate the cyber threats challenging cellular IoT devices into the same class of risks facing smartphones, which are already being addressed. It is also easy to assume that cellular IoT devices are only exposed to the same attacks on IoT devices using LAN or WLAN connections.

The reality is that it is the coming together of cellular connectivity and unique IoT vulnerabilities that account for the deadly threats that jeopardize businesses, government agencies, mobile network operators, and cellular subscribers themselves.

To tackle IoT device cybersecurity, let’s start with a known point: Cellular IoT devices are uniquely different from other types of endpoint devices like mobile phones and laptops. Unlike them, IoT devices’ operating systems, communication protocols, and applications impact a company’s infrastructure and client deployments or services – thus challenging IoT service providers to protect both from possible intrusion and disruption.

IoT device service providers must tackle the security issue from the core of the device outward to address this demand. Yes, they must protect the hardware and perimeter. Still, they must also secure the connectivity layer between the device, the cellular network, and other devices to scalably mitigate threats to all devices, regardless of hardware, software, or usage changes.

What’s the Solution?

So, what is the solution? Experts say there is only one: Identify and protect cellular communication at the first point of entry, before it reaches the device, with a network-based solution that:

  • Bypasses all cellular vulnerabilities, keeping the device private and safe from all cyber-attack methods
  • Continuously monitors new and evolving threats and updates the system accordingly.
  • Applies these updates immediately to all network traffic to protect all devices (new or old, SIM- or eSIM-based, of any make or model)
  • Tackles all cellular threat vectors for any device, including fake cell towers, data channel attacks, malicious SMS, and more
  • Offers scalability, manageability, device agnosticism, future readiness, and other cellular advantages
  • Partners with mobile network operators, IoT service providers, private networks, and EPC providers to deploy solutions via public or private mobile networks

With these tips, you’ll be sure to knock out the six biggest threats to your cellular IoT devices so you can continue with business as usual.

Adam Weinberg - CTO, FirstPoint Mobile Guard

Guest Writer
Guest Writer
Guest writers are IoT experts and enthusiasts interested in sharing their insights with the IoT industry through IoT For All.
Guest writers are IoT experts and enthusiasts interested in sharing their insights with the IoT industry through IoT For All.