In the world of IoT, no device is an island.  Internet of Things (IoT) ecosystems are designed to connect users, devices, and services that add richness to our digital lives.  Smart lighting, doorbells, thermostats, TVs, cameras, cars, and numerous IoT appliances offer more value today than their unconnected counterparts.   

The benefits of IoT are truly fantastic, but the question beckons, “What is the risk?”  If you count all of the IoT devices around you, it’s pretty evident that the world of IoT is growing rapidly, and it’s here to stay.  With these modern conveniences, consumers tend to blindly buy, download, connect, and use IoT devices without considering the security vulnerabilities of their new products.  

Unlike hostile browser takeovers and malware on a PC, the cyber-attacks of our IoT platforms often goes undetected.  Without proper design, security remains the Achilles’ Heel of today’s IoT platforms.

My experience suggests that the most egregious (and perhaps most common) security threat of the IoT ecosystem is the Man-in-the-Middle (MITM) attack.  What is a Man-in-the-Middle attack?  It’s when a perpetrator gets in the middle of a private, trusted relationship between users, devices, or services and secretly eavesdrops, intercepts, redirects, and/or alters communications by way of emulating credentials.  The results can be devastating.  

What can we do to protect ourselves from cyber-attacks?  Here are a few suggestions:

  • Avoid open Wi-Fi connections (no password).
  • Learn to recognize email phishing requests.  Don’t get fooled, and when in doubt, never respond to emails that request account verification, password verification or password recovery. 
  • Log out of secure applications when not in use.
  • Be wary of browser notifications.
  • Change/replace your passwords often with strong password credentials.
  • Update home IP cameras & devices with SSL/TLS encryption.
  • Utilize strong encryption (i.e. WPA2-AES) with strong passwords on home routers and access points.
  • Turn off remote online monitoring 
  • Update or replace older devices that utilize non-secure network protocols.

These threats present significant challenges to the digital architect to resolve.  Whether we are designing a stoplight, thermostat, or an industrial robot, it’s imperative to thwart the strategies of the MITM attack.  

Historically, my teams have spent as much time resolving digital security issues as they have spent on features.  For the IoT engineer, here are some security measures that help protect your IoT solution/ecosystem from the MITM attack:

Properly Secure Firmware Over the Air (FOTA) Updates

  • Secure the boot loader in protected memory.
  • Secure against Firmware Over the Air (FOTA) updates with strong update credentials and firmware image verification.  
  • Digitally sign and verify FW update images with a cryptographic hash of the private key.
  • Protect against malicious code being loaded and/or executed early in the boot process.

Provision for Revocation

  • Implement an OAUTH certificate server for device revocation.
  • Provision your design with a Kill-Switch to disable or remove an egregious device from your IoT ecosystem.

Encrypt

  • Device-specific encryption is imperative (crack one, get one…NOT…crack one, get all).  
  • Isolate trusted resources from non-trusted 

        

Foil the “Spoofers” 

  • IP/address spoofing—altering packet headers in an IP address for redirection to the attacker.
  • Address Resolution Protocol (ARP) within a local subnet that can trick M2M with an ARP spoof.
  • User spoofing—Have you received emails from false addresses pretending to be a trusted company or colleague?  Phishing scams are the bane to every security ecosystem—never respond.
  • DNS spoofing (cache poisoning) can direct/redirect communications directly to the perpetrator’s site.**

          **Note:  If suspect of DNS spoofing, use Google DNS IP 8.8.8.8 & 4.4.4.4 

Keep it Private

  • Utilize public and private key pairs for encryption/decryption.
  • TCPs & secure co-processors ensure secure unique device-specific encryption when coordinated with back-end (BE) services.

Trusted Communications Protocols

  • Use secure socket connections to trusted endpoints (SSL, TLS, or HTTPS).
  • Establish a root of trust and design an ecosystem resilient to cyber-attacks.

When we bring an IoT solution into the privacy of our homes, let’s not forget that there is an entire connected ecosystem behind that device—buyer beware.  As we look to the future of IoT, let’s do all that we can to keep our homes, families, and designs safe from the daunting threat of the cyber attacker and embrace the value and benefits of living a connected life.  Wishing you wellness and safety in your journey!

 

 

Paul Boerger, CTO and VP of Engineering, Vergent Products