Preemptive IoT Security testing, a worthwhile investment


For enterprises, the Internet of Things (IoT) currently represents a double-edged sword—on the one hand, there are manifold opportunities to boost the efficiency of products and services, create new revenue streams and reduce operational costs, all by connecting these ‘things’ (devices) to the internet and then analyzing the data they generate. On the other hand, this is still an immature market in which architectures, technologies, standards and vendors are all moving targets, making security the cause for major worry.

In a recent survey, IDC found that over 70% of security professionals at financial services & healthcare firms said the expenses associated with an IoT breach were higher than those associated with traditional breaches and security incidents, highlighting the costly challenges of IoT breaches.

With preemptive testing, enterprises can greatly reduce risk. The IoT world is a network of various connected physical devices with the ability to communicate wirelessly to collect and exchange data as well as take action. These devices use embedded technology to communicate and to sense or interact with their internal states or the external network to send or receive data. The wide variety of devices includes environmental control systems, access control and monitoring, inventory tracking and automation, appliances, wearable devices, connected vehicles and fleet management.

IoT emerges at a time when threats to data security and privacy are rapidly growing. As new IoT devices come to market, security researchers are constantly finding severe vulnerabilities such as remote code execution, unauthorized access, authentication bypass, or issues that could lead to theft of unencrypted data or any Personally Identifiable Information (PII). Consequently, IoT security standards and guidelines are essential to defend against cyber-attacks with secure encryption and communication of sensitive information, robust authentication and authorization, intrusion detection and security monitoring, secure coding and physical device security.

There are plenty of general security risks related to IoT devices, such as obtaining unauthorized access to sensitive data or making unauthorized changes to data or programs. Therefore, being able to test IoT devices for vulnerabilities can preemptively reduce the costs of remediation upon breach.

For comprehensive IoT testing, the following areas should be included:

Cryptography - The cryptography protocols and processes on an IoT device should not be enabled by default. Enabling only the necessary cryptographic algorithms will help prevent intruders from gaining access to and control over the resources. Limit administrative account privileges and separate administrative actions and rights from standard user accounts to avoid the risk of misconfiguration by users. The devices must detect and alert on the enabling of non-supported NIST Validated Cryptographic Algorithms and other potentially malicious activities.

Ensure that non-supported algorithms are disabled by default and require an authorized administrative action to enable. In addition, safeguarding against unauthorized access to and transport of plaintext private keys, critical security parameters, and sensitive data at rest and in transit is also critical.

Communications - Provide data confidentiality, authentication, integrity, and replay protection based on secure and established standards for communication protocols. Ensure proper validation of peer credentials and public key based verification for peer communications.

Public Key Infrastructure (PKI) provides the building blocks for authentication and trust through a digital certificate standard and Certificate Authorities (CA).  Certificates are signed by intermediate entities (i.e., certification authorities) of the PKI hierarchy and provide a physical association between a public key and the identity of the key owner.

The device should have a means to authenticate any entity communicating with it, using strong encryption and authentication schemes based on cryptographic suites such as Advanced Encryption Standard (AES) for confidential data transport, Rivest-Shamir-Adleman (RSA) for digital signatures and key transport, and Diffie-Hellman (DH) for key negotiation and management, along with a peer identity and mechanisms to authenticate it. The Diffie-Hellman (DH) protocol uses robust mutual authentication with secret keys to establish trust between two parties using digital certificates through the Transport Layer Security (TLS) protocol while authenticating each other at the same time.
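The Cryptography and Communications items above can be turned into an automated check on a device's TLS client settings. The following is an added example, not Spirent's test code: it builds one weak and one hardened configuration with Python's standard ssl module and audits both against an assumed policy (peer certificate and identity validated, TLS 1.2 or later, ECDHE with AES-GCM only).

```python
import ssl

def approved(name):
    # Assumed policy for this example: ECDHE key agreement with AES-GCM only.
    return name.startswith("ECDHE-") and "AES" in name and "GCM" in name

def weak_context():
    """Client settings a test should flag (constructed for illustration)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False            # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE       # peer credentials never validated
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.set_ciphers("ALL")                # every algorithm the library offers
    return ctx

def hardened_context():
    """Same client with peer validation on and a narrow algorithm set."""
    ctx = ssl.create_default_context()    # CERT_REQUIRED and check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM")
    # For mutual authentication the device would also call
    # ctx.load_cert_chain() with its own certificate and key (not done here).
    return ctx

def audit_context(ctx):
    """Return a list of findings; an empty list means the policy is met."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required")
    if not ctx.check_hostname:
        findings.append("peer identity not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 allowed")
    # TLS 1.3 suites (TLS_ prefix) are not governed by set_ciphers(), so this
    # example audits only the TLS 1.2 and earlier suites.
    extra = [c["name"] for c in ctx.get_ciphers()
             if not c["name"].startswith("TLS_") and not approved(c["name"])]
    if extra:
        findings.append("%d non-approved cipher suites enabled" % len(extra))
    return findings

if __name__ == "__main__":
    for label, ctx in (("weak", weak_context()), ("hardened", hardened_context())):
        print(label, audit_context(ctx) or "no findings")
```
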

Authentication & Authorization - Ensure secure authentication for administrative access and require configuration, identification and authentication of credentials on first-time use.

Implement a privileged user management system to limit access to administrative features and ensure that administrators can access and monitor systems and devices. This includes session monitoring of privileged sessions, protection of passwords to service accounts, and frequent password rotation.

The device should have extended capabilities to perform Multi-Factor Authentication (MFA), which requires the use of more than one verification method. Sensors and biometrics should be supported for maximum levels of security assurance using fingerprint, voice, face, eye recognition and gesture-based authentication. Fingerprint sensors must have tamper proofing that is FIPS 140-2 Level 3 compliant. The security keys must be generated using FIPS 140-2 compliant cryptographic modules. Ensure secure storage of backup keys using FIPS 140-2 validated modules with the ability to re-provision in case the key is lost or corrupted.

Device Physical security - Require visible tamper evidence mechanisms and protect against unauthorized access to internal components.

Implement a mechanism to detect physical tampering with the hardware, such as opening the device cover or removing a part of the device. There should be tamper detection so that an alert is generated when someone has opened a cover or in other ways compromised the physical security.

Access should be limited by not allowing untrusted parties physical access to the device. The various physical ports on the device, such as the USB ports or SD card slots, should be physically secured. Tamper signals should be part of the data stream uploaded to the cloud, enabling alerting of these events to the administrators. Protect endpoints or devices by disabling external device connectivity (e.g. USB drives) and allowing their usage only upon approval, review and scanning, and on a need-to-know basis. Disable direct internet access from sensitive devices/endpoints if it is not required, and ensure that unused services, such as open ports and insecure protocols, are disabled or blocked. Use secure booting (using keys) and ensure secure firmware and device authentication support when connecting. Apply regular patches to the device OS, etc., along with secure and authenticated firmware upgrades. Establish connection whitelisting instead of blacklisting, and use secure key exchange protocols.

Given the vast threat landscape of an IoT environment, which consists of applications, devices, networks, encryption and APIs, the days of employing the ‘lock it all down’ approach are over. In today’s rapidly changing atmosphere, to maintain competitive advantage, successful organizations adapt and capitalize on technological advances that can make them more efficient, secure, and different. IoT is an area with vast possibilities for enterprises in all verticals, but the challenge will continue to be balancing convenience with security. This is because security cannot be bolted on, and must be baked into the architecture to help reduce the costs of implementing it later.

Spirent can test your IoT devices in a comprehensive and cost-effective manner, on an on-going basis, to help bolster security while ensuring that the device functionality and ROI are in alignment with your enterprise needs and priorities.

If you’re interested in learning more, visit Spirent’s SecurityLabs page, or if you want to learn how the team can help with your IoT security, contact us, or join us for our next webinar: IoT Security Concerns within the Enterprise.

