Embed Size (px)
Citation preview
Internet of Things VulnerabilitiesChristian Oliva | IASP 470 Systems Security Report | 2/24/18
TABLE OF CONTENTS
Abstract………………………………………………….……………………………………….2
Introduction……………………………………………………………………………………...2
Problem………………………………………………………………………………………….3
IoT Device………………………………………………………………………………………3
Wireless Network……………………………………………………………………………..4
Vulnerability…………………………………………………………………………………….4
Sensors…………………………………………………………………………………….…….4
Sensor-based threats…………………………………………………………………………..6
Sensor-based security………………………………………………..………………………..8
Attacks…………………………………………………………………………………………..9
Cloud Infrastructure Attack…………………………………………………………………..9
Mitigation…….…………………………………………………………………………………10
Network Segmentation……………………………………………………………………....11
Minimize Bandwidth………………………………………………………………………..11
Organized Groups..………………………………………………………………………….11
Conclusion…………………………………………………………………..…………………..12
References………………………………………………………………………………...……13
PAGE 1
Abstract
As technology advances and becomes more paramount to our everyday lives, they can
also create drawbacks as well. Internet of Things has permeated in all aspects of modern
human life more than ever now that consumers are able to incorporate them into their
homes. People around the globe have been implementing everything from smart door
locks, smart televisions, smart irrigation controllers and baby monitors for the sake of
convenience. With this type of ease of accessibility comes a price. Cybercriminals love
this type of convivence per say because the average consumer is not tech-savvy and
become an easy target for compromising their system. This study will explore benefits of
IoT, a different type of attacks, countermeasures on a security aspect and how to address
them.
Introduction
The Internet of Things is usually referred to by many physical devices being connected to
the internet. The simplest form of IoT is being able to switch a lightbulb on or off with
the use of an application on your smartphone. IoT can date back all the way in 1990’s
with an internet connected vending machine, but the internet at the current time wasn’t
refined how it is now. With the help of the sensors inside of the IoT based devices, it can
adapt to its environment such as a thermostat adjusting to the temperature in the room. By
2020, there will be about estimated of 50 billion connected devices. There will be new
devices and services that we have not yet imagined and many companies in this period
PAGE 2
will adapt or fail [3]. IoT companies or companies that sell the products have been elated
by the recent popularity of them, while cybersecurity professionals are being aware of the
perils that this can cause. One man’s excitement can be another man’s anxiety [2].
Unfortunately, smart devices are built around convenience with no security in mind.
Nothing can be perfectly secured. So, it is imperative that consumers must be educated
and aware of potential sophisticated attacks and how to safeguard against them.
Problem
Many manufacturers sell products that are not sufficiently secured to their consumers.
This is unacceptable considering all the cyber-related crime that go on a day to day basis.
The average user does not possess the technical prowess, so they are unaware they can
change the default username and password as a preventative first step measure. These
types of loopholes can be dangerous whether if it’s on a consumer or business
infrastructure level.
IoT Device
This is usually a component that is added to connect to the Internet whether if it’s on a
consumer basis level or business infrastructure with or without human involvement.
These computable devices have sensors to provide information to the physical world
(e.g., cameras, smart speaker, thermostat) [5] These devices can be implemented
wirelessly on a home network, cellularly whether if it’s on 4G LTE or 3G or Bluetooth
PAGE 3
4.0. They can come in different shapes and sizes and are usually always powered on to
provide the necessary information they were intended to do.
Wireless Networks
The flexibility of wireless has been a game changer ever seen it has been introduced into
the Information Technology world. It has overcome difficult situations in terms of trying
to cover a wide area with so many cables involved to get it connected to the internet. It
also saved the cost of cable deployment. Unfortunately, possessing wireless networks can
open many vulnerabilities.
Vulnerability
Vulnerabilities in the Information Technology world are weak points in a system that can
allow hackers have access to unauthorized data or perform malicious attacks. Hackers
always intend to steal data that is very valuable such as intellectual property or personal
information. The weak form of coding can be a major key point in comprising data on a
system. Cyber espionage is one of the most dangerous that the government themselves
can be involved with. [1] Around 2015, one of the biggest cyber-attack where a cyber
gang that goes by the name of Carbanak were able to steal 1 billion dollars from banks all
the world according to professionals from Kaspersky Labs. [1] Unfortunately, anything
that can be connected to the internet can be hacked. Furthermore, security industries are
always conducting research to try to detect possible future vulnerabilities.
Sensors
PAGE 4
Sensors are what make the Internet of Things possible. They are the backbone and
process all the necessary data to perform their tasks. Sense makers are typically
integrated via sensor hub. The hub allows multiple sensors to collaborate device together
as a whole. [10] There are many different types of sensors that deliver a different type of
data to consumers. [9] There are temperature sensors which is one of the more popular
types. They can be used in agricultural fields to water plants or check the temperature of
the soil. There also proximity sensors that are used for sensor detection is commonly used
in a retail setting. Retailers are also sending coupons to the smartphones of customers.
The network layer allows data to be transferred that is then collected in the sensing layer.
[10] The data is then analyzed in the data processing layer to make results. Lastly, the
application layer presents the data in accordance. Tasks can be executed with this kind of
data.
Sikder. A, Petracca., G, Aksu. H, Jaeger. T, Uluagac, A (2018) . A Survey on Sensor-
based Threats to Internet-of-Things (IoT) Devices and Applications. Retrieved from
www.arxiv.org.com
PAGE 5
Solanki, V (2016). Internet of Things: Sensors & Sensing. Retrieved from
www.iotone.com
Sensor-based threats
These types of attacks be done in a passive or active way. Passive attacks can be done
with just observing the target without exploiting it. Active attacks are when you perform
your attacks where serious damage can be done. These types of attacks can be
categorized in four different groups. These categories are as followed, Information
Leakage, False Sensor Data Injection, Denial-of-Service and Transmitting Malicious
Sensor Patterns or Commands. [10] With Information leakage, which is the most
PAGE 6
common based attack on a IoT device, data such as passwords or bank card information
can be revealed. Eavesdropping on a connection can be done using a microphone is one
form of Information Leakage. There are also other methods can be done to carry out this
attack. Keystroke reference is a popular method which allows data to be recording by
sensors such as accelerometer, gyroscope, microphone, or even light sensors on the
display which infer keystrokes. With those tilts of the device, light ambience in your
environment can help construct a database. If a user types in their PIN number into the
device, another method called PIN Skimming can be achieved by data from the light
sensor can be used to extract the PIN number. This is done by the data captured by the
cathode ray tube and the photosensor on the screen that is written on have its signals
emitted and capture the text that was typed on the device. [10] Malware can also be
transmitted sensor patterns by a set off commands known as Transmitting Malicious
Sensor Commands. IoT devices can be sensitive to magnetic fields. In this case, if the
magnetic field readings are manipulated, it can trigger commands and set off the
malware. A similar method can be done with audio sensors. A message that is embedded
in a song can be picked up the microphone and the malware can be triggered. The lower
frequency can be transmitted through an audio channel that normally bypasses the
security of the IoT device. This also can be done with ultrasonic that allows to bypass
security with no problem. Buzzers have been used to transfer a trojan by encoding it into
audio signal. With the spread of IoT, they solely rely on data that is captured by sensors
and if it’s altered in any way, it is called False Sensor Data Injection. This is done
through Wi-Fi, Bluetooth or Cellular Networks. [10] An example of this is when GPS-
enabled device and the hacker sends a tampered GPS location to that device to change the
PAGE 7
location of the vehicle in real time. When false data is injected, many attributes can be
revealed such as encryption key, block size, and key size. With this type of data acquired,
the attacker can replace those attributes with invalid information that can be detrimental.
Malware can secretly send back data to a server and make modifications of any kind to
the device. Lastly, Denial-of-Service is an event orchestrated by an attack that does not
allow users to have access to a system(s). This can be done by flooding the servers with
traffic which can lead to systems crashing. Accelerometers have frequencies of a
vibration force. This technique can be used for drones and their flight control by
exploiting the gyroscope. With constant resonant, the drone flight path can be severely
overwhelming and can send up turning off the drone. [10]
Sensor-based security
With the plethora of sensors that are embedded in IoT devices, it is very challenging to
completely secure them from vulnerabilities. Since IoT is new to consumers and there is
lack of knowledge, there are some approaches can be considering to add layers of
security to mitigate the risks against hackers. The mobile device operating system
Android, based on a Linux kernel, allows for an extension that allows sensor
management. This sensor management is called Semadroid and some of its key benefits
can allow for logging and monitoring of the sensor to make sure legitimate processes are
occurring. Policies can also be implemented to have control over the transmitted data and
the type of data it has accessed to. Mock data can also be created to test its functionality
to see how sensed data is used from application to avoid any future suspicious behavior.
Another great security approach for protecting sensed data is Location-Privacy
PAGE 8
Preserving Mechanisms which reduces of attacks on location data. However, if the
attacker is aware of this protection, it can easily be reversed. Attackers like to know to
know the location to launch attacks at the victim’s home or work location.
Attacks
Attacks are actions made by the hackers to proceed with their exploits using different
techniques and possibly tools as well. The goals for these attacks are typically for
financially gain or gaining notoriety within their community. For example, there was a
large distributed denial of service attack that was done with Web cameras to support the
attack by the host Dyn which resulted in an internet outage. [8] To see what we are
dealing with here, it is good to know how sophisticated attacks can be. In the same large
DDOS attack mentioned a little earlier it was done accordingly in three waves. Din was
able to mitigate the attacks, but they were flooded by millions of DNS look-up requests
[ [2] It was determined that they were affected by the Mirai botnet, which targets IoT
devices by using their default factory. Once the IoT devices became a part of the botnet
army, they were used to carry out attacks.
Cloud Infrastructure Attacks
About 68 percent of devices offer cloud service [4]. Some companies such as Nest offer
cloud-based services for their products such as the Nest Security Camera. To benefit from
PAGE 9
their 24/7 recording, it must be on a cloud-based subscription that you pay monthly.
Some cloud services do not enforce strict password policies or failed login attempts
which has huge potential for a hacker to gain access. In some instances, cloud services
can incur some logical errors that can lead the attacker to gather some very sensitive
information without authentication. One form of vulnerability can excel in this case is
SQL injection, which is a code injection technique done with SQL statements to dump its
contents to the attacker. This type of vulnerability can lead to open smart lock doors to a
hacker remotely. [4]
Mitigation
Most IoT devices do not provide a secure method. You would have to implement some
precautions to make it much harder for the attacker to compromise your system.
Primarily, a strong password must be implemented on the device and Wi-Fi connection
itself. The default username and password on the router configuration must be changed
right away. he Wi-Fi connect must be encryption method of WPA2 or anything greater. If
possible using a wired connection is always much more secure, then using wireless but
that is typically hard to do considered the convenience of having a wireless system. Most
IoT devices are usually Wi-Fi- connection and essentially none of them can be hard
wired. Updating the firmware on the IoT devices if they ever become available is
necessary because typically they come with security patches in some instances which can
be highly beneficially if you want an extra layer of protection. Disabling features that are
not needed can also be of important us, especially if they are smart features. [4
PAGE 10
Network Segmentation
Separating the network into zones can limit the access if one area is compromised.
Essentially you are not putting all your eggs in one basket. If one zone is compromised,
you still have access to the others and in the meantime, you can quarantine and mitigate
the infected zone. In this case, all the of the IoT devices can be connected to one network
and isolated from the rest.
Minimize bandwidth
If there were about 50 billion devices and about 1% of them are under control, that is
over 55 million devices that have the potential to perform a DDoS attack that can be
catastrophic. [7] This number of devices together as a whole can generate up to 81 trillion
frames per second that can cause some serious damage. [7] Since there is no way to
reduce the amount of traffic, there is another option to limit the amount of network traffic
these devices can generate. Vendors should look deeper into the kernel aspect of IoT
devices and throttle network transmission to make it much more difficult for hackers to
add them to their zombie army. If this so-called “smart devices” can perform actions
based on the outside, it should be programmed to detect anything usually on the inside
and perform some sort of reset so mitigate any potential harm.
Organized groups
PAGE 11
With all the tools and resources out there on the web, it has become more apparent that
the hackers become more familiar and educated on this matter. They have become more
comfortable with applications and methods that they have at their disposal. Some may
have the resources to carry on large-scale attacks to pursue what endeavors they may
have whether if it is espionage or financial gain. Skill levels are usually moderate to high.
Normally they commit cyber terrorism which is a cyber-related attack towards banks,
military, or other government-related entity. [5]
Conclusion
Even though Internet of Things faces many vulnerabilities, consumer need to be protect
themselves or assets. Consumers need to be aware of these exploits and be educated in
the matter. Every day many security risks are being introduced due to the popularity. In
this paper, an overview of the different type of sensors was discussed as well as the
vulnerabilities of those sensors. I also presented security mechanisms that can help
mitigate those sensor risks and as well for overall wireless network protection. I believe
this approach can have positive feedback and hopefully motivating more security-based
research for the future to come.
References
PAGE 12
[1] Paginini, P. (2016, February 23). The Top Five Cyber Security
Vulnerabilities. Retrieved March 10, 2018, from
http://resources.infosecinstitute.com/the-top-five-cyber-security-
vulnerabilities-in-terms-of-potential-for-catastrophic-damage/
[2] Alba, M. (2017, June 09). IoT Popularity is Rising, and so are Cyber
Security Concerns. Retrieved March 10, 2018, from
https://www.engineering.com/IOT/ArticleID/15064/IoT-Popularity-is-Rising-
and-so-are-Cyber-Security-Concerns.aspx
[3 ] Phadnis, S. (2016, August 18). Households have 10 connected devices
now, will rise to 50 by 2020 - ET CIO. Retrieved March 10, 2018, from
https://cio.economictimes.indiatimes.com/news/internet-of-things/households
-have-10-connected-devices-now-will-rise-to-50-by-2020/53765773
[4] Barcena, M. B., & Wueest, C. (2015, March 12). Insecurity in the Internet
of Things. Retrieved March 3, 2018, from
https://www.symantec.com/content/dam/symantec/docs/white-papers/insecu
rity-in-the-internet-of-things-en.pdf
[5] Abomhara, M., & Køien, G. M. (2015, May 22). Cyber Security and the
Internet of Things: Vulnerabilities, Threats, Intruders and Attacks[Scholarly
project]. In RiverPublishers. Retrieved May 10, 2015, from
https://www.riverpublishers.com/jou
[6] What is IoT security (Internet of Things security)? - Definition from
WhatIs.com. (n.d.). Retrieved March 11, 2018, from
PAGE 13
http://internetofthingsagenda.techtarget.com/definition/IoT-security-
Internet-of-Things-security
[7] Corser, G., Fink, G. A., Aledhari, M., Bielby, J., Nighot, R., Aneja, N., . . .
Cristache, L. (2017, May). INTERNET OF THINGS (IOT) SECURITY BEST
PRACTICES[Scholarly project]. In IEEE. Retrieved March 10, 2018, from
https://internetinitiative.ieee.org/images/files/resources/white_papers/
internet_of_things_may_2017.pdf
[8] Condliffe, J. (2016, October 24). Why the Internet of Things is a threat to
the fabric of the Internet. Retrieved March 10, 2018, from
https://www.technologyreview.com/s/602713/how-the-internet-of-things-
took-down-the-internet/
[9] Cranford, N. (2016, December 06). Sensor types and their IoT use cases.
Retrieved March 10, 2018, from
https://www.rcrwireless.com/20161206/internet-of-things/sensor-iot-tag31-
tag99
[10] Sikder, A. K., Petracca, G., Aksu, H., Jaeger, T., & Uluagac, A. S. (2018,
February 6). A Survey on Sensor-based Threats to Internet-of-Things (IoT)
Devices and Applications[Scholarly project]. Retrieved March 10, 2018, from
https://arxiv.org/pdf/1802.02041.pdf
[11] G.G, V. (n.d.). Hacking Internet of Things (IoT)[Scholarly project].
Retrieved March 10, 2018. from
https://www.secpod.com/resource/whitepapers/Hacking-IoT-A-Case-Study-
on-Tata-Sky-DTH-Vulnerabilities.pdf
PAGE 14
PAGE 15
