IoT Security.... business as usual
To click or not to click
Every now and then you see an article that just screams Click Bait, but even so you are still compelled to click on it just to see! When I read the link it mentioned 3D printers being set on fire remotely, I was hooked... that's how I discovered Risk Management for Replication Devices, not the most catchy of titles but a riveting read nonetheless.
NIST to see you
This little tome is written by the National Institute of Standards and Technology, a US federal agency which provides technical leadership for US commerce as well as setting standards.
This document looks at the vulnerabilities and exploits associated with what they call Replication Devices, a broad term used to cover 3D printers and scanners in their various forms. However, having read it, most of the information in it applies to varying degrees to any IoT device.
I thought it would be worth exploring the various vulnerable aspects of both Replication Devices and IoT devices.
Threats and exploits
The two main threats for these devices are Network Connectivity and Nonvolatile Storage Media.
Numerous exploits are used; these include:
- Denial of Service (DoS) - This typically disables the equipment temporarily or permanently
- Spam - Either flooding the equipment with spam or using it to generate spam
- Default Admin Password - Used to gain system level access to the equipment
- Data theft / corruption - The loss of data is potentially the most serious exploit, especially for commercially or militarily sensitive data
Depending on the facilities offered by the equipment, some or all of these will be applicable. For instance, many 3D printers offer a web interface for setup and control of printing jobs. This is very useful for the legitimate user, as they can log in to check their print or load further work; however, it's also useful for someone wishing to steal company secrets or disrupt work.
The same exploits can be used on many IoT devices. Where storage media is used in an IoT device to log data or store settings, it can be accessed and malicious code loaded, settings altered or data stolen.
Whilst most threats and vulnerabilities are remote, there are some that require physical access. For instance, when a service technician attends to rectify a fault or carry out scheduled maintenance, there is a potential for data theft / corruption or the installation of code to turn the equipment into a spam bot.
What can be done?
There are a whole host of measures you can take to prevent unauthorised access to your equipment; most are common sense when dealing with PCs and other common network devices. The more obvious ones are listed below:
- Passwords - Change the manufacturer's default password
- Monitor - Check the network activity and compare to other similar equipment to spot unusual trends
- Access - Limit access (physical and remote) to those that really need it
- Storage - Ensure old files are removed from storage devices and that appropriate antivirus measures are taken.
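To make the Monitor item concrete, here is an added example (not from the NIST document or the original post) that compares each device's daily traffic with other devices of the same type and flags the ones that stand out. The device names and traffic figures are constructed, and the modified z-score (median and median absolute deviation, with the conventional 0.6745 constant and 3.5 cut-off) is my own choice of method.

```python
from statistics import median

# Constructed sample: daily outbound traffic in MB, keyed by device name,
# with the device type used to decide which devices count as "similar".
SAMPLE = {
    "printer-01": ("3d-printer", 40),
    "printer-02": ("3d-printer", 42),
    "printer-03": ("3d-printer", 38),
    "printer-04": ("3d-printer", 41),
    "printer-05": ("3d-printer", 400),   # far above its peers
    "scanner-01": ("3d-scanner", 5),
    "scanner-02": ("3d-scanner", 6),
    "scanner-03": ("3d-scanner", 5),
    "scanner-04": ("3d-scanner", 7),
    "camera-01": ("camera", 3),
    "camera-02": ("camera", 900),        # only two peers: no usable baseline
}


def peer_outliers(devices, threshold=3.5, min_peers=4):
    """Return {device: score} for devices whose traffic is unusual for their type."""
    # Group devices by type so each is only compared with similar equipment.
    groups = {}
    for name, (kind, value) in devices.items():
        groups.setdefault(kind, []).append((name, value))

    flagged = {}
    for members in groups.values():
        if len(members) < min_peers:
            continue  # too few similar devices to call anything "unusual"
        values = [v for _, v in members]
        med = median(values)
        mad = median(abs(v - med) for v in values)
        for name, value in members:
            if mad == 0:
                # Peers are identical, so any deviation at all stands out.
                score = float("inf") if value != med else 0.0
            else:
                score = 0.6745 * (value - med) / mad
            if abs(score) >= threshold:
                flagged[name] = round(score, 2)
    return flagged


if __name__ == "__main__":
    for device, score in peer_outliers(SAMPLE).items():
        print(f"{device}: modified z-score {score}")
```

A device type with fewer than four members is skipped rather than guessed at, so a small fleet needs its own baseline (for example, the same device's history) before this comparison tells you anything.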
To sum up
The most obvious thing I learnt from reading Risk Management for Replication Devices was to treat Replication Devices and IoT equipment as any other piece of networked equipment and make sure they are secure and that proper risk management measures are taken.
I hope you found this blog useful; please feel free to comment.
I can be found on Twitter @peterjfrancis