Five crucial security questions for your IoT project
2018 will be a big year for IoT. By some estimates 2.8 billion new devices will come online, enabling a variety of new scenarios that were science fiction just a decade ago. Connected medical devices, watches, home automation devices, smart cities, connected cars and industrial equipment are all changing the way we interact with each other and our environment, in both our personal and business lives.
Now is a good time to reflect upon mistakes we have made in the past and resolve to do better in the coming year. On the top of my list is security. It’s easy to get caught up in the great new things that are going to be enabled with IoT, but we must not lose sight of the security risks IoT represents.
It’s been over a year since the Mirai malware took over hundreds of thousands of IoT devices and then launched some of the largest and most disruptive distributed denial-of-service attacks ever seen. According to Webroot, “the underlying problem is that IoT manufacturers are only designing the devices for functionality and aren’t investing in proper security testing.”
So, here is the resolution I think we all should make this coming year: Make security a part of your IoT design process! But, what exactly does that mean? Here are some questions to consider from the very start.
1. Does the device perform any safety-sensitive operations?
If a hacker were able to compromise, say, actuator signals from an insulin pump or a valve controller for a nuclear power plant, then clearly this presents huge safety issues. Even something as benign as a connected thermostat could be a safety problem during a bitter cold winter. On the other hand, your robotic vacuum cleaner probably does not perform any safety-sensitive operations.
Safety trumps all else and needs to be a top priority. It should also be a major factor in deciding how strong your security implementation needs to be.
2. Does the device process sensitive information?
Any kind of privacy-sensitive information should raise a red flag, especially with the upcoming GDPR regulations in Europe that impose significant fines if such data is inappropriately handled. Sensitive information goes well beyond the personal realm: financial data, login credentials, telemetry and configurations all need equal amounts of careful protection.
When designing a product, ask yourself what the consequences would be if a hacker were to get ahold of that data. If you think they are unacceptable, you should consider encrypting that data both at rest and in transit.
3. Do your devices need secure identities?
How important is it that only authorized IoT devices participate in your IoT ecosystems?
Consider what would happen if a hacker’s device could masquerade as a sensor in an automobile that could trigger some action on an automatic vehicle control system. Or if an insulin pump were receiving blood sugar readings from a spoofed glucose sensor. In safety-sensitive scenarios, it is crucial to authenticate IoT devices.
Cryptographically secure identities can be used to provide strong authorization for devices and may be appropriate for many scenarios to ensure that all of the devices in an IoT ecosystem are authentic.
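The spoofed-sensor scenario above, as an added example that is not part of the original article: a receiving controller challenges a sensor with a fresh nonce and accepts a reading only if it carries a valid keyed tag. It uses a symmetric per-device key with HMAC as a stand-in for certificate-based identities; the device ID, readings and provisioning key are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed demo secret; a real provisioning key stays in an HSM, not in source.
PROVISIONING_KEY = hashlib.sha256(b"constructed-demo-provisioning-key").digest()

def derive_device_key(device_id: str) -> bytes:
    """Per-device key: extracting one device's key exposes only that device."""
    return hmac.new(PROVISIONING_KEY, device_id.encode(), hashlib.sha256).digest()

def sign_reading(key: bytes, device_id: str, nonce: bytes, reading: str) -> bytes:
    """Device side: bind the reading to this identity and to the fresh nonce."""
    ident = device_id.encode()
    msg = nonce + bytes([len(ident)]) + ident + reading.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class Controller:
    """Receiving side, e.g. the pump consuming glucose readings."""
    def __init__(self, enrolled: dict):
        self.enrolled = dict(enrolled)  # device_id -> key of each paired device
        self.pending = {}               # device_id -> outstanding nonce

    def challenge(self, device_id: str) -> bytes:
        self.pending[device_id] = secrets.token_bytes(16)
        return self.pending[device_id]

    def accept(self, device_id: str, reading: str, tag: bytes) -> bool:
        nonce = self.pending.pop(device_id, None)  # single use defeats replay
        key = self.enrolled.get(device_id)
        if nonce is None or key is None:
            return False
        expected = sign_reading(key, device_id, nonce, reading)
        return hmac.compare_digest(expected, tag)  # constant-time comparison

def demo() -> dict:
    dev = "glucose-sensor-01"  # hypothetical device ID
    key = derive_device_key(dev)
    ctrl = Controller({dev: key})
    tag = sign_reading(key, dev, ctrl.challenge(dev), "5.4")
    out = {"genuine": ctrl.accept(dev, "5.4", tag)}
    out["replayed"] = ctrl.accept(dev, "5.4", tag)  # nonce already consumed
    forged = sign_reading(secrets.token_bytes(32), dev, ctrl.challenge(dev), "2.0")
    out["spoofed"] = ctrl.accept(dev, "2.0", forged)  # sender lacks the device key
    tag = sign_reading(key, dev, ctrl.challenge(dev), "5.4")
    out["tampered"] = ctrl.accept(dev, "9.9", tag)  # reading altered in transit
    return out
```

Only the genuine reading is accepted; the replayed, spoofed and tampered ones are rejected, which is the property the device identity has to deliver.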
4. Are you implementing cryptography correctly?
For data protection, secure communications and authentication, cryptography is a go-to technology. However, it can be difficult to implement and deploy correctly. Cryptography will protect the data, but you must also protect the keys.
One characteristic of IoT is that these devices typically are in physically uncontrolled environments, giving hackers a greater possibility of getting direct access to a device. As a result, it is easier to reverse engineer the device to find keys. Protecting keys may require special hardware on the device to securely store the key or implementation of white box cryptography if such hardware is not available.
You also need to think about managing keys throughout their lifecycle. How are the keys generated and distributed in the first place? Keys are often generated on unprotected computers and private keys are not adequately protected or backed up, creating gaping security holes. Correctly generating and distributing keys requires specialized technology, facilities, processes and people. If those capabilities are not easily found in-house, you may want to outsource your key generation and provisioning.
5. How are you protecting your apps on your IoT devices?
You should consider securing your software applications as part of your development lifecycle. Many tools are available that analyze code looking for potential vulnerabilities. You want to patch those vulnerabilities before you deploy code to the field.
Of course, new vulnerabilities are discovered all the time. You should have some way to securely update those devices once deployed. Consider using secure, authenticated channels when deploying patches to devices and using code signing techniques to ensure only authorized updates can be installed.
IoT devices deployed in uncontrolled environments offer ample opportunity for hackers to reverse engineer code, so it’s important to assess tools that deter tampering.
There’s a lot more that can be done to improve security for IoT, but thinking about these five questions should get you on the path to a more secure IoT deployment. Best of luck in 2018!
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.