IoT Security: Key Internet of Things Trend for 2023
2023 will see increasing recognition and action taken on the integral issue of security in Internet of Things networking. As the Internet of Things has grown, it has moved rapidly to develop “smart” applications for sectors as diverse as industry, transportation, healthcare, and homes. However, in many cases, progress in creating suitably sophisticated security and privacy solutions for the billions of networked devices has not kept pace with the innovation. This has left much of the IoT vulnerable to hacks and requiring a revisiting of network design to mitigate security risks that are often inherent and present in every layer of IoT network architecture. For the IoT to achieve wider implementation, the creation of robust security practices and protocols is critical. This makes security a key trend as IoT expansion progresses into the mid-2020s.
This short article will look at vulnerabilities in IoT networks and new strategies that are being used to strengthen IoT networks against attacks. In particular, the security vulnerabilities of single antenna IoT devices will be explored along with potential solutions.
With almost 100 billion IoT connections expected by 2025, security is a priority issue
As IoT applications and solutions become increasingly integrated into society, the opportunity for attacks to IoT networking from hackers exponentially increases. IoT security is not always included in the design phase of IoT product development. The prevalence of IoT technology means that target cyberattacks could be pervasive, crippling, and hard to eradicate, with rising costs to businesses. Cyber attacks and sabotage are increasingly prominent, exploiting the interconnectivity of networks and probing for vulnerabilities to exploit in the Perception layer, Network layer, the Processing Layer, and the Application layer of IoT. Everyday IoT devices are often used as entry points to enter, infiltrate and damage much larger networks, and the connection to the internet opens these devices up to a wide range of targeted and persistent attacks.
List of the key types of security attacks recognized in the Internet of Things
IoT security breaches and hacking can affect IoT devices of all kinds and sizes. Because weaknesses are present across all the IoT network layers, here are the main types of security attacks for each layer are outlined below.
[A] IoT perception layer security attacks
The device layer includes the physical network components including IoT antennas, sensors, and devices. This layer captures the raw data that is then sent to the network layer for processing. Common IoT perception layer security attacks include:
- Node capture attack: this form attack targets nodes within an IoT network that are replaced with alternate hardware or modified to yield sensitive data or access keys that can be used to compromise the entire network.
- Injection of malicious code: the debugging modules of an individual IoT node are accessed for injection of malicious code that can help an attacker breach the network. This attack can take place during scheduled over-the-air (OTA) firmware updates using Trojans that present themselves as updates or upgrades.
- Jamming: RFID systems and antennas are the focus of powerful transmitters that match the antenna frequency or RF shielding equipment.
- Sleep deprivation attacks: these attacks are designed to drain the battery power of a low-power IoT device. Codes can be injected into the device memory that keeps the device continuously awake/transmitting.
[B] IoT network layer security attacks
The network layer of an IoT application will route data from the various nodes through various gateways and interfaces for processing and where required, transmitting data to the participant devices/nodes. The main network layer security attacks include:
- Eavesdropping attack: this is an RFID-based attack that utilizes the signal transmitted from an activated tag. Eavesdropping on this signal enables the attacker to harvest the tag's credentials.
- Selective-Forwarding Attacks: thisinvolvescaptured or malicious nodes forwarding certain data packets that aim to disrupt the network protocols. All other routine data packets are dropped.
- Denial of Service (DoS): denial of service attacks aim to disrupt a particular area of the network's computation, leading to a loss of network capacity and overall function.
- Man in the Middle attack: interception is used in these IoT security attacks, with data transfer between nodes being intercepted and altered in real-time by an attacker.
[C] IoT application layer attacks
This is the user-facing part of an IoT network and usually has the most variation in design as it is customized to deliver a specific solution in a diverse range of industries. The application layer uses data that is transmitted from the nodes and is particularly vulnerable, with well-known weaknesses at this layer that affect other technologies, such as APIs and HTTP protocols that hackers will readily attempt to breach. Here are the key forms of application layer security attack:
- Malicious Scripts: this attack particularly affects IoT devices that are connected to the internet. The scripts appear innocuous, but when they are run they overwhelm the processing capacity of the application, steal data, or cause a system failure.
- Malicious Code Injection: the source code for the application is probed for vulnerability with the insertion of malicious code that can activate itself or be activated when the user takes a specific action.
- Data distortion attack: this pernicious attack exploits the software code to produce unexpected impacts on the IoT system.
Single antenna devices have specific vulnerabilities to attacks that will need to be addressed
Many IoT devices are embedded devices with a single antenna that transmit data very intermittently. These devices are particularly vulnerable to physical layer attacks, which may not be detected system-wide because the targeted node transmits only rarely. Access point antennas and hubs can also be affected.
IoT antennas are a particular target of hackers who may use a high gain omnidirectional or directional antenna to target the device antenna, impersonating a legitimate signal with an attack command. This is known as spoofing and usually targets the antenna with a fake data packet or denial or service signal to an IoT access point.
Recent efforts to prevent IoT antennas from being targeted have focused on multiplying the number of antennas used by an IoT device to create unique physical layer signatures that authenticate legitimate antenna activity.
However, this multi-antenna approach increases hardware costs and energy consumption. Other strategies seek to exploit multipath signal propagation or antenna polarization to block potential spoofing attacks. Multipath strategies use the antenna array to create distinctive propagation signatures to create a recognizable profile for the signals coming from a specific antenna. Using multiple receiving antennas can also mitigate the effect of an attacker who is using a strong, well targeted antenna.
Security best practices for IoT networks and devices
For safe and effective networking for mission-critical applications, a high level of security is key not only in an index device that is being used but also across the supporting networks (e.g. Zigbee, LoRa, Bluetooth) that devices connect to as well as the internet. Techniques for IoT security are continually being developed and adapted to the diverse range of IoT attacks. These are key security strategies for IoT networking that should be routinely addressed:
- Consideration of IoT security at the research and development stage: if security is well-integrated at the planning stage, solutions can be developed to protect each network layer from attackers.
- Authentication: in IoT, authentication makes sure that the transmitted data has come from the correct device and has not been modified. In decentralized IoT networks achieving this is challenging but participant devices need to be able to identify themselves and each other. An authentication system allows disparate devices to 'talk' to each other. Examples include digital certificates and Public Key Infrastructure (PKI).
- End-to-end security: the data exchanged between participant devices or nodes within an IoT network needs to be actively kept confidential. Attackers will seek to intercept transmitted data if it is exposed. Though it is expensive, encryption and decryption end-to-end should be routine.
- Integrity: data transmissions from IoT devices need to be accurately recorded and ideally stored without the opportunity for alterations, especially where the data is sensitive. Blockchains, Message Integrity Codes (MIC), and the hash function can secure the data generated in a trustworthy location.
- Availability: The wakefulness of individual devices and nodes is advantageous for a responsive network that is more resilient against attack.
- Replay protection: IoTnodes often store the data packets that they have just transmitted. These data packets can be played back and have the data retrieved or used to penetrate the network. IoT networks need to be protected by mechanisms that can filter or remove duplicate
Antennas are a key part of physical device security in IoT
As discussed above, IoT antennas are not exempt from being targeted by malicious attacks.
This means that it is more important than ever to make a considered choice of antenna for inclusion in IoT devices. Technical advice and expertise from Data Alliance can assist in the selection of performance high-gain antennas, cables, and other IoT networking components that can equip an IoT network with real resilience across the leading technologies including cellular, WiFi, Bluetooth, ZigBee, and LoRa.
Posted by George Hardesty on 15th Jan 2023