How to protect connected home devices from cyber attacks

Security was clearly an afterthought or not considered at all. That’s bad enough for an engineer to deal with, but much worse for the unprepared consumer. 

An average cSecured IoT devicesonsumer, or even a security savvy consumer, has little ability to know which brand of IoT device has better security or any at all, leaving the primary responsibility for securing their devices squarely with the OEM.

A compromised consumer device may have little impact on the device’s performance and the consumer may not even realise their device was hacked. Should the OEM care?

Absolutely! On the surface, the hacked device may seem benign. But a device, like a smart refrigerator, may reveal WiFi credentials to a hacker giving them a beachhead from which they can then attack other more critical devices on the network. So, it’s about more than just protecting the device itself.

It seems moments after a solution against digital invasion is in place, someone finds a way to circumvent it. Security is in many ways an ongoing, never ending arms race and hackers are adept at finding ways to exploit security vulnerabilities.

The key is to add appropriate levels of security making it more expensive for the hacker (in terms of time and computing resources) to exploit a device or system. Hackers usually go after the easy exploits, and avoid the challenges offering little financial or ego benefit.

The first step for the OEM is to evaluate their device’s vulnerabilities, decide what to protect against, and determine how the economics of the device is impacted.

Vulnerabilities in IoT devices

Design vulnerabilities are weaknesses resulting from a failure to include proper security measures when developing the IoT device. Examples of design vulnerabilities in HP’s study include use of hard-coded passwords, control interfaces with no user authentication, and use of communication protocols sending passwords and other sensitive information in the clear. Other, less glaring examples include devices without secure boot or allowing unauthenticated remote firmware updates.

Security capabilities

Adding a few basic security capabilities can make IoT devices dramatically more secure, and greatly reduce the risk of falling victim to a cyber-attack including:

• Secure boot
• Secure remote firmware update
• Secure communication
• Data protection
• User authentication
• Secure Boot

Secure boot utilises cryptographic code signing techniques ensuring the device only executes code produced by the device OEM or other trusted party. Use of secure boot technology prevents hackers from replacing the firmware with malicious versions, thereby blocking a wide range of attacks.

Secure Firmware Update

Secure firmware updates ensure device firmware can be updated, but only with firmware from the device OEM or other trusted party. Like secure boot, secure firmware updates ensure the device is always running trusted code and blocks any attacks attempting to exploit the device’s firmware update process.

Secure Communication

Utilisation of security protocols like TLS, DTLS, and IPSec adds authentication and data-in-motion protection to IoT devices. By eliminating sending data in the clear, it is much more difficult for hackers to eavesdrop on communications and discover passwords, device configuration, or other sensitive information.

Data Protection

Security protocols provide protection for data while it is transmitted across networks, but does not protect the data while it is stored on the device. Large data breaches often result from data recovered from stolen or discarded equipment.

Encryption of all sensitive data stored on the device provides protection should the device be discarded, stolen, or accessed by an unauthorised party. For instance, most office, business, and personal printers have an integrated drive inside storing tens of thousands of documents.

User Authentication

Weak or non-existent user authentication recently resulted in thousands of IP cameras with well-publicised default passwords being enlisted in a high-profile Denial of Service attack. A strong user authentication method is a clear requirement for device security.

The Consumer

On an individual level, there is less we can do. If a company produces an insecure product the consumer can either live with it or not buy it. For those products with built-in security, users must enable appropriate levels of security, change default passwords, and use strong passwords.

The cameras used as bots in the Mirai botnet infestation could have been protected from attack. Secure boot, firewall, or intrusion detection each could have individually avoided the takeover of the cameras enabling the attack. These have the benefit of not requiring the user to remember passwords or unique logins. For as little as 1% of the price for the device, this public disaster could have been avoided.