A study by Gartner estimates that 5.8 billion Internet of Things (IoT) devices will be used for business and automobiles by 2020. While IoT can increase productivity and efficiency, there are certain risks associated with the adoption of this technology.
As more IoT networks get integrated with critical infrastructure and more sensitive data is stored on IoT devices, security becomes more complex. IoT device security tools and best practices aim to provide coverage against IoT threats.
There are unique features of IoT that could be exploited by threat actors. Some notable characteristics are the lack of physical hardening, as well as insufficient testing and lack of updates. These issues make IoT devices highly vulnerable to be weaponized for botnet attacks.
Lack of physical hardening can lead to IoT security problems. Some IoT devices can function autonomously without user intervention, but they must be physically protected against external threats. If, for example, an IoT device wasn’t built with security in mind and it remains unsupervised for long periods of time, a malicious actor can physically damage it using USB drives with malware or other methods allowing direct hardware access.
Ensuring the physical safety of IoT devices starts with the manufacturer and goes as deep as secure PCB design and tamper sensors. However, it is difficult for manufacturers to make secure sensors and transmitters in already inexpensive devices.
One of the security problems with IoT devices is that companies making IoT devices are very careless in providing proper security testing and timely software patches and updates.
This creates a big problem. Consumers trust manufacturers and their decisions and are often convinced that every effort is being made to address safety concerns. However, due to the rapid growth of the IoT market, many manufacturers are eager to manufacture and launch products shortening the time to market without sufficient testing.
In some cases, only minor updates are provided. Hyperproduction causes manufacturers to focus on releasing new generations of devices and encourage people to switch. As a result, IoT devices that use outdated software may become or remain vulnerable to various hacker attacks, utilizing existing or zero day security vulnerabilities.
A single IoT device infected with malware is a somewhat controllable threat. However, a group of infected devices usually called botnet can cause critical damage. To execute a botnet attack, hackers infect massive swarms of devices with malware, and then instruct the botnets to send thousands of requests per second. The result can lead to outages and critical system failures.
The problem is that connected devices are very vulnerable to malware attacks. While computers prompt users to constantly download security updates, this critical element is not practiced for IoT. As a result, IoT can be exploited and turned into infected zombies, easily leveraged as weapons that send large amounts of traffic.
To ensure the health of connected systems, networks, and devices, organizations should implement security measures dedicated to unique IoT challenges and characteristics.
To ensure IoT security, operations and security teams need to gain visibility. To achieve this goal, teams often use specialized visibility tools, such as simplified network access controls (NAC), which also helps maintain a detailed and updated list of all endpoints connected to the network.
NAC technology ensures the inventory is automatically updated when endpoints connect to the network. However, you should manually review results monthly or every two months. Endpoint tracking technology enables organizations to effectively respond to IoT security vulnerabilities by implementing automated incident response processes and security compliance measures.
The first step when implementing segmentation is to create a comprehensive inventory that lists the following aspects:
After filling in these details, you can start the segmentation. You can start by specifying categories like data-collection, infrastructure endpoints, and wearable endpoints. The next step is creating a network security policy for each category. This enables you to ensure each endpoint is utilized for its function, and respond quickly during an attack.
Device authentication and attestation for IoT can significantly reduce device exploitability.
There is a wide range of authentication methods available for IoT devices. Digital certificates, two-factor authentication, and biometrics, for example, are highly effective in preventing unauthorized access to IoT. To get past these defenses, attackers will need personal information that typically only authentic users have access to.
IoT technology has become a major disruptor for healthcare providers interested in reducing costs and improving patient care. When IoT device manufacturers compete to meet demand, they introduce cyber security risks into healthcare facilities.
Today, infusion pumps account for more than half of all deployed IoT medical devices. These pumps enable healthcare professionals to manage and administer blood, saline, and other medical fluids without physical contact. The ability to remotely deliver healthcare at this capacity ensures patients can gain access to quality medical care and enables healthcare staff to simultaneously manage multiple infections from a central facility.
The downside of this technology is its dangerously exploitable nature. Since these pumps use a wireless remote control, connect to the Internet, communicate patient data, and provide critical treatment, actors can cause a lot of damage. For example, actors can disrupt life-sustaining procedures by exploiting the integration linking medical records with drug delivery systems.
The advent of digital devices has created HIPAA security compliance issues that require special care, especially in matters of patient administration documentation. For example, smart pens that store large amounts of patient data attract cyber criminals. Smart pens can also serve as a point of entry into large-scale information technology (such as databases containing patient medical records).
Wireless devices monitors transmit blood sugar, heart rate, and other vitals directly to healthcare staff and patients. The information is typically transferred via Bluetooth, to help conveniently monitor a patient's health, during hospital, at home, and during daily activities. If there are any abnormal vitals, healthcare staff and patients can quickly be alerted via mobile phones, apps and other devices.
Implantable cardiac medical technologies, such as pacemakers devices and programs, have served as huge advancement in the healthcare industry for many years now. However, these life-saving devices also introduce critical security vulnerabilities. Perhaps the most concerning discovery that was found is that which asserts that a simple Denial of Service (DoS) attack on a pacemaker can potentially kill a patient. Many people are not aware of implants addons of a gateway controller unit that are capable of reading and transmitting data from the implant when it is in close proximity utilizing standard internet connection. These devices include the ability to push new firmware to the implanted device when such is available. This opens the implant to various attack types that can directly affect the implant's operation.
Looking at embedded devices is quite different than looking at servers in the IT space, it is common that there is no packages or information on the device to tap into for identification of assets to perform security analysis. Based on our vision that follows the FDA recommendations, medical device security has 2 main phases, the first phase is pre-market and the second is post-market. The approach to device security is fundamentally different at every phase. It is imperative to have proper mechanisms and controls built-in and not bolt on the device from the early stages to mitigate the risks of every phase in the device’s lifecycle, especially if the device is mission critical and human lives might be at stake due to its failure.
During the development phase of the device, security focus is required on multiple aspects such as hardware security, identity of the device, cryptography and vulnerability analysis and assessment activities of its components. Companies are using various tools and open source projects to achieve results on this multiple aspects. To get to significantly successful results is complex when we don’t have unlimited resources and effort we can put into this part of the development work. The first stage in a successful security program is to gain visibility into the device’s SBOM (Software Bill of Material) and runtime context as fundamental capabilities.
Once we achieve that we can advance to continuous vulnerability monitoring, security gap assessment, and most important vulnerability prioritization aka VPT. We can’t stop here. We need to be able to perform this every time when we change even one line of code in our application or change in a library and it has to be done for every device model in our product lines and every build of the firmware we are talking about potentially hundreds of such assessments per day. This can be achieved by DevSecOps approach and adding this to the CI/CD pipeline continuously modeling the device’s security posture while correlating the data with threat intelligence and vulnerability information and mostly deep knowledge of the device’s operational context to understand the threat relevance.