In Oct 2016, an attacker used malware to command Internet of Things, or IOT, devices to carry out DDoS attack- which in turn overwhelmed their target with unwanted requests. “On command, thousands of internet-connected devices began sending waves of data at Dyn, one of the domain name server, or DNS, resulting in downing of hundreds of websites, including Twitter, the New York Times, Reddit and Amazon, for hours,” reported DefenseOne. The malware exploited the widely known factory-default passwords or other vulnerabilities, making them easy recruits for bot armies.
“The volume of DDoS attacks has more than doubled over the last 18 months. It’s now approaching 650 gigabytes a second. That’s only possible because they’ve been recruiting IOT devices,” said one government official with direct knowledge of the attack. “We need to have a deliberative conversation about baking in security as much as possible into Internet of Things devices.”
By 2025, it is predicted that there can be as many as 100 billion connected IoT devices or network of everyday objects as well as sensors that will be infused with intelligence and computing capability. These devices shall comprise of personal devices such as smart watches, digital glasses and fitness monitoring products, food items, home appliances, plant control systems, equipment monitoring and maintenance sensors and industrial robots.
The rapid growth in IOT devices, however will offer new opportunities for hacking, identity theft, disruption, and other malicious activities affecting the people, infrastructures and economy. Some incidents have already happened, an internet-connected fridge was used as a botnet to send spam to tens of thousands of Internet users,. Jeep Cherokee was sensationally remote-controlled by hackers in 2015. FDA issued an alert about a connected hospital medicine pump that could be compromised and have its dosage changed.
Security equipment is also vulnerable to exploitation by politically and criminally motivated hackers. Security researchers Runa Sandvik and Michael Auger gained unauthorized access to the smart-rifle’s software via its WiFi connection and exploited various vulnerabilities in its proprietary software. The TP750 was tricked into missing the target and not firing the bullet.
Military is also planning to employ IoT. IoT can serve the warfighter better with more intelligence and more ways to coordinate actions amongst themselves. In 20 years the IoT will be ubiquitous, Yet for the Army and wider military to make the most of IoT, it will need to rely on heterogeneous and flexible networks that continue to operate in environments with spotty connectivity, and don’t place burdens on soldiers, said Pellegrino, deputy assistant secretary of the Army for strategic integration.
Military IoT networks will also need to deal with multiple threats from adversaries, said Army’s John Pellegrino deputy assistant secretary of the Army for strategic integration, including physical attacks on infrastructure, direct energy attacks, jamming of radiofrequency channels, attacks on power sources for IoT devices, electronic eavesdropping and malware.
Large growth of IOT Growth predicted
Research firm IDC predicts that the number of “IoT endpoints,” connected devices such as cars, refrigerators and everything in between, will grow from 10.3 billion in 2014 to more than 29.5 billion in 2020. Some anticipating as many as 100 billion connected IoT devices and a global economic impact of more than $11 trillion by 2025.
The recent confluence of several technology trends, is bringing the Internet of Things closer to widespread reality. These include Ubiquitous Connectivity, Widespread Adoption of IP-based Networking, Computing Economics, Miniaturization, Advances in Data Analytics, and the Rise of Cloud Computing. CIO Journal has noted, the growth in IoT-enabled devices has been fueled in part by the declining cost of sensors, connectivity and data processing power.
The Military is also embracing Internet of Things in a big way. Some of the military applications include fully immersive virtual simulations for soldiers’ training; autonomous vehicles; the ability to use smart inventory systems to consolidate warehouses using a web-based delivery and inventory system; and business systems like the Army Strategic Management System to manage energy, utilities and environmental sensors.
IoT devices vulnerable and create huge security and safety problem
Without ample security measures, experts fear that an expanding IoT could create massive vulnerabilities across nearly all technologically-integrated spectrums. With interconnected systems, even one small security gap could create massive ripple effects. The IoT inherently creates billions of insecure new endpoints, said Eric Chiu, president of cloud security vendor Hytrust.
Safety is inseparable from security in an IoT, a hacker can exploit the vulnerability of implantable medical devices like cardiac pacemakers, cochlear implants and diabetic pumps and cause death of victims. A study from security research company Synack found that commonly connected products opened up a host of safety issues. One of the firm’s analysts noted it took him only 20 minutes to break into a range of devices, according to GigaOm.
Growing fleets of autonomous cars could, Heiser warned, pose public-safety and economic risks if they were hacked and similarly controlled by malicious outsiders; such threats recently drove the UK to set new rules for driverless cars and inspired Intel to set up the Automotive Security Review Board to focus efforts around car security.
Nicholas D. Evans leads the Strategic Innovation Program for Unisys outlined a few of the possibilities — some of which have already materialized recently:
- Connected home hacked to open the front door to thieves, open garage door to steal a car, raise heater to maximum levels to damage air conditioning system and/or household goods, turn off refrigerator, turn off sprinkler system, access personal computers, and so on.
- Connected, autonomous car or delivery vehicle sabotaged to crash via inappropriate acceleration or braking, or sent to incorrect destinations; vehicles such as trains, aircraft, drones, ships etc. similarly misdirected or sabotaged.
- Connected hospital hacked to change the route of delivery robots; functions of medical devices such as pacemakers and insulin pumps, and so on.
- Connected manufacturer hacked to interrupt functions of warehouse “picking” robots, equipment monitoring and maintenance sensors, plant control systems, supply chain activities, and so on.
- SCADA and PLC systems sabotaged in similar fashion to the Stuxnet worm that span up Iran’s nuclear centrifuges.
The endless variety of IoT applications poses an equally wide variety of security challenges. For example:
- In factory floor automation, deeply embedded programmable logic controllers (PLCs) that operate robotic systems are typically integrated with the enterprise IT infrastructure need to be shielded from human interference.
- Similarly, control systems for nuclear reactors are attached to infrastructure need to receive software updates or security patches in a timely manner without impairing safety.
- A smart meter—one which is able to send energy usage data to the utility operator for dynamic billing or real-time power grid optimization—must be able to protect that information from unauthorized usage or disclosure.
The absence of encryption, coupled with an inability to patch vulnerabilities as they occur, is a major shortcoming of many Internet of Things devices available in today’s market, according to Ian Lyte, security consultant at Protection Group International (PGI), who prepared the challenge. “If you have something that can’t be upgraded and a vulnerability is found, if you have an internet-connected device at home or in a car, that can’t be updated, once that vulnerability has been found, there is nothing you can do,” Lyte said.
The scenario, enacted as part of the Cyber Security Challenge 2017, saw six groups of aspiring cyber defenders break into a GPS tracking device to be installed into a fleet of cars owned by a fictional car leasing company. Through the device, they were able to breach the company’s internal computer network and book a ride in one of the firm’s luxury vehicles, bypassing all approval and registration procedures.“Once they reach the end of the game, they will have a presence on the internal network of the company. They can go and see finance, they can transfer money, they can try to target specific individuals,” Lyte explained. “They have complete control of what they can do in that network, they can go and sit there, they can visit other servers, and they have got passwords and other credentials. It’s exactly the same as somebody coming in and plugging a laptop in.”
“It’s a device that has hard-coded credentials that are available for anybody to read as long as they get hold of the firmware,” explained Lyte. “That allows you to execute commands from the device. It exploits the same principle as the one used by the Mirai botnet that has taken down some major websites last year. You can find the same sort of thing in many medical devices as well.”
Security Challenges of IOT and Military IoT devices
The Internet of Things (IoT)/Internet of Everything (IoE) environments, Embedded and Mission‐Specific Devices (EMSDs), such as those found in home automation, Supervisory Control and Data Acquisition (SCADA)/Industrial Control Systems (ICS), requires the exploration and development of new cyber security capabilities that are conducive to these devices’ limitations.
These include low computational resources (e.g., storage and memory capacity, processor speed), physical constraints (power consumption, package size, and placement), intermittent connectivity, and lack of trustworthy visibility into system status and operation.
These limitations are further compounded by cost sensitivity, the limited interactivity of many EMSDs, the great difficulty/inability to modify/augment them once fielded, and the lack of standardized hardware and software platforms. The combined effect of these factors inhibits the effective use of cybersecurity mechanisms that have been developed for comparatively resource‐rich devices.
The IoT systems, whether it’s a security camera or an industrial robot, also need to be up and running for years at a time, with rare opportunities for downtime. And they are often “headless”—that is, there isn’t a human being operating them who can input authentication credentials or decide whether an application should be trusted; they must make their own judgments and decisions about whether to accept a command or execute a task
The art of deception can be employed against machines as well as people, noted Richard Hale, deputy chief information officer for cyber security at the Defense Department. “The Internet of Things, especially as we get more and more autonomous and more of this is real-time control system sort of stuff — it’s going to make really bad decisions if information isn’t right or if it’s not coming from a genuine, trustworthy” component, he said. “Non-spoofable … identity is going to be a fundamental characteristic” of the Pentagon’s future IoT systems.
Dukes said “lightweight” cryptography would be needed to secure smartphones and other devices that don’t have the processing capability of traditional devices. That could entail creating cryptographic tools and protocols that require less energy or less software code to execute.
Security concerns are the main issue holding back the military’s use of the Internet of Things, said officials, analysts and members of industry. Some potential adversaries have advanced cyber and electronic warfare capabilities, and everything connected to the Internet is potentially vulnerable to attack, they noted.
Evolutionary Approaches to Security
Wind River, a world leader in embedded software for intelligent connected systems has released a white paper on “SECURITY IN THE INTERNET OF THINGS, Lessons from the Past for the Connected Future” has proposed an evolutionary approach to Iot Security. It has recommended “The End-To-End Security Solution”, “Security at both the device and network levels is critical to the operation of IoT.”
“The same intelligence that enables devices to perform their tasks must also enable them to recognize and counteract threats. Fortunately, this does not require a revolutionary approach, but rather an evolution of measures that have proven successful in IT networks, adapted to the challenges of IoT and to the constraints of connected devices.” Security must be addressed throughout the device lifecycle, from the initial design to the operational environment:
Building Security in from the Bottom Up
Knowing no one single control is going to adequately protect a device, how do we apply what we have learned over the past 25 years to implement security in a variety of scenarios? We do so through a multi-layered approach to security that starts at the beginning when power is applied, establishes a trusted computing
Secure booting: When power is first introduced to the device, the authenticity and integrity of the software on the device is verified using cryptographically generated digital signatures.
Access control: Next, different forms of resource and access control are applied. Mandatory or role-based access controls built into the operating system limit the privileges of device components and applications so they access only the resources they need to do their jobs.
Device authentication: When the device is plugged into the network, it should authenticate itself prior to receiving or transmitting data.
Firewalling and IPS: The device also needs a firewall or deep packet inspection capability to control traffic that is destined to terminate at the device. The industry-specific protocol filtering and deep packet inspection capabilities are needed to identify malicious payloads hiding in non-IT protocols.
Updates and patches: Once the device is in operation, it will start receiving hot patches and software updates. Software updates and security patches must be delivered in a way that conserves the limited bandwidth and intermittent connectivity of an embedded device and absolutely eliminates the possibility of compromising functional safety
DHS’s Strategic principles for securing IOT
DHS has set forth principles designed to improve security of IoT across the full range of design, manufacturing, and deployment activities.
Incorporate Security at the Design Phase: Building security in at the design phase reduces potential disruptions and avoids the much more difficult and expensive endeavor of attempting to add security to products after they have been developed and deployed. DHS recommends enabling security by default through unique, hard to crack default user names and passwords, Build the device using the most recent operating system that is technically viable and economically feasible, Use hardware that incorporates security features to strengthen the protection and integrity of the device, and Design with system and operational disruption in mind.
Promote Security Updates and Vulnerability Management: Even when security is included at the design stage, vulnerabilities may be discovered in products after they have been deployed. These
flaws can be mitigated through patching, security updates, and vulnerability management strategies.
Build on Recognized Security Practices: Many tested practices used in traditional IT and network security can be applied to IoT. These approaches can help identify vulnerabilities, detect irregularities, respond to potential incidents, and recover from damage or disruption to IoT devices.
Prioritize Security Measures According to Potential Impact: Focusing on the potential consequences of disruption, breach, or malicious activity across the consumer spectrum is therefore critical in determining where particular security efforts should be directed, and who is best able to mitigate significant consequences.
Promote Transparency across IoT: Increased awareness could help manufacturers and industrial consumers identify where and how to apply security measures or build in redundancies. Depending on the risk profile of the product in question, developers, manufacturers, and service providers will be better equipped to appropriately mitigate threats and vulnerabilities as expeditiously as possible, whether through patching, product recall, or consumer advisory.
“Widespread adoption of these strategic principles and the associated suggested practices would dramatically improve the security posture of IoT.”
World’s most efficient AES crypto processing technology for IoT devices developed
Researchers at Tohoku University and NEC Corporation have discovered a new technique for compressing the computations of encryption and decryption operations known as Galois field arithmetic operations. The group, from the Research Institute of Electrical Communication, has thus succeeded in developing the world’s most efficient Advanced Encryption Standard (AES) cryptographic processing circuit, whose energy consumption is reduced by more than 50 percent of the current level.
With this achievement, it has become possible to include encryption technology in information and communication technology devices with tight energy constraints, greatly enhancing the safety of the next-generation Internet of Things.
This technique see the AES encryption algorithm represented as a calculation based on a special numbering system called a Galois field. The research group has transformed the input numerical representation and is now able to perform multiple computations in one go. Using this method, the number of required circuit elements can be reduced significantly.
National ICT Australia’s Secure microkernel
NICTA researchers have focused on three key elements that allow embedded systems to be made more secure and reliable:
- Reducing the amount of operating system code (the kernel) that has unrestricted access to the system’s hardware
- Creating a mathematical model that allows the operating system code to be proven to be reliable; and
- Developing a method of measuring and confirming the time taken for the system to perform its required tasks
Professor Gernot Heiser, head of NICTA’s Embedded, Real-Time and Operating Systems (ERTOS) Research Program, and his team have managed to create a microkernel comprising around 10,000 lines of code that has been designed from the ground up for security.
It has been mathematically proven to be completely secure, and a recent field demonstration showed why this was important as researchers hacked into and crashed an off-the-shelf Quadcopter drone – but proved unable to compromise a similar device running an eaL4-based controller.
Development work is also being undertaken on a second mathematical model that can calculate and confirm the time taken by embedded systems to perform certain tasks. This becomes critical in realtime systems where an inability to complete a task in a given time could have serious repercussions.
For example, a pacemaker unable to process incoming signals could miss a human heartbeat, or a fly-bywire aircraft system could be unable to react quickly enough to pilot commands. The model calculates the maximum time the system could possibly take to perform a task. Designers and programmers can then ensure that this measure is within operational requirements.
“Software alone isn’t the best option and the only reliable way we have to maintain security is to use hardware security systems,” said Steve Hanna, Senior Principal at Infineon Technologies, and “By hardware, I’m talking about hardware security chips, which are included in your passports, in your credit cards, in your commercial grade PCs, and in other applications as well.”
These chips are designed to resist very determined attackers and they don’t run commercial operating systems. This means you couldn’t take an attack toolkit that was developed for Windows and use that to break in to the security chip. No, it’s a very specialized operating system, a specialized environment, that’s built into that chip, all designed from scratch with security as a top priority.
Computer scientists at the University of California, San Diego, have developed a tool that allows hardware designers and system builders to test security- a first for the field
The tool, based on the team’s research on Gate-level Information Flow Tracking, or GLIFT, tags critical pieces in a hardware’s security system and tracks them. The tool leverages this technology to detect security-specific properties within a hardware system. For example, the tool can make sure that a cryptographic key does not leak outside a chip’s cryptographic core.
There are two main threats in hardware security. The first is confidentiality. In some types of hardware, one can determine a device’s cryptographic key based on the amount of time it takes to encrypt information. The tool can detect these so-called timing channels that can compromise a device’s security. The second threat is integrity, where a critical subsystem within a device can be affected by non-critical ones. For example, a car’s brakes can be affected by its CD player. The tool can detect these integrity violations as well.
“The stakes in hardware security are high”, said Ryan Kastner, a professor of computer science at the Jacobs School of Engineering at UC San Diego.
The article sources also include: