The Internet of Things (IoT) can be defined as the interconnection of devices and objects through a communications infrastructure.
In the new digital age, any type of object can be connected to the internet, from a household appliance or vehicle, to a sensor, or to any machine in a manufacturing or industrial process.
One of the characteristics of IoT is that all these devices are designed to work without human interaction, under some type of centralized system control instead. This interaction is called M2M (Machine to Machine).
The concept of internet of things
It was proposed in 1999 by Kevin Ashton at the MIT Auto-ID Center, where research was being conducted in the field of Network Radio Frequency Identification (RFID) and sensor technologies. Since this technology was proposed, the number of devices connected to the Internet has increased dramatically. Furthermore, it is estimated that by 2020 there will be around 30 billion connected IoT devices worldwide.
With the next generation of internet applications (IPv6 protocol) all objects can be identified (addressed), something that cannot be done with IPv4 due to the lack of public addressing. With this new system, each machine can have a globally unique identifier (IPv6 address), and therefore, it can be remotely interconnected with any geographic location, being able to send information if it is a sensor or being able to be controlled by a remote system.
All this advancement in IoT technology, and the ability to connect any type of device, involves significant associated challenges, especially in the cybersecurity field.
Several reports from different vendors state that more than 70% of IoT devices have security vulnerabilities, linked to the operating system they use, passwords, encryption problems or access permissions, among others.
More than 50% of applications developed for mobile devices do not encrypt data or have weak or outdated encryption protocols.
Due to these vulnerabilities and weaknesses in IoT devices, security has become a vital element. For example, on October 21, 2016, thousands of these devices that had previously been infected with malicious code were used to form a botnet.
Additionally, the data stored by IoT devices is highly coveted: many IoT devices store data about users' habits and way of life. Such databases are valuable to many companies, which can use this data to advertise products and services targeted at the habits and preferences of the masses, if not with worse intentions (social engineering, key theft, etc.).
1.2 IoT Security Solutions
IoT devices have not been designed from a security point of view. Beyond this, most current IoT devices cannot have their vulnerabilities fixed by installing patches or software updates.
On the other hand, the protocols and technologies applied in IoT are designed from a functional point of view, which works directly against the security of the system. These two problems make it very easy to access and hack IoT devices.
Therefore, it is necessary to provide a security layer, external to the devices themselves in many cases (Firewalls for PLCs, NACs for network environments, etc.). At Coreun we work with various solutions that allow us to add this additional security layer, for which IoT devices are not designed.
1.2.1 Network access control
With the increase in IoT devices, the way in which communications are used and, consequently, the way to secure them, has radically changed.
When it comes to protecting endpoints, mobile devices, and IoT devices, conventional security strategies are outdated and, in most cases, don't provide the required level of security.
Most of the conventional solutions do not have full visibility of the devices that are connected to the network, so they cannot efficiently protect the communications and technologies used by IoT.
At the same time, cyber criminals are increasing attacks on IoT devices to gain access to a private infrastructure and be able to access critical servers, databases, and applications.
Network Access Control (NAC)
NAC has evolved from its first versions to meet the challenge of integrating IoT devices in the business world.
This technology was born with the proliferation of BYOD (Bring Your Own Device) and with the objective of being able to have different access policies by user and device type.
A NAC solution allows us to know what or who connects to our infrastructure, what type of device it is and what network permission policy we are going to assign it.
For example, the policy can depend on the vulnerabilities of the device's operating system, the security of the network it uses to connect to resources, the criticality of the data it wants to access, etc.
Third-generation NACs allow us a much more flexible approach and provide us with a number of advantages that help us secure IoT devices:
- Total visibility. Through a NAC we can identify the device that connects to the network, user, OS, software, etc. To protect IoT networks it is essential to know which devices are connected and what each device's function is.
- Segmentation. Automatic and scalable protection of IoT devices through network segmentation and access policy.
- Automatic incident response. When a device has been compromised, the NAC automatically isolates or disconnects it from the network.
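The three properties above (visibility, segmentation, automatic incident response) and the posture factors mentioned earlier can be read as one decision function. The following is an added example, not code from Coreun or from any NAC product; the segment names, VLAN ids, device fields and inventory are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed segment names and VLAN ids; assumptions for illustration only.
SEGMENTS = {"camera": ("iot-video", 110), "plc": ("ot-control", 120),
            "laptop": ("corporate", 10)}
GUEST = ("guest", 900)
QUARANTINE = ("quarantine", 999)

@dataclass
class Device:
    mac: str
    kind: Optional[str] = None     # None means the device is not yet profiled
    os_vulnerable: bool = False    # known unpatched OS vulnerability
    trusted_network: bool = True   # connecting from a network we control
    compromised: bool = False      # set when an incident is reported

def decide(dev: Device, criticality: str = "low") -> dict:
    """Access decision for one request to a resource of the given criticality."""
    # Automatic incident response: isolate first, whatever the device type.
    if dev.compromised:
        return {"segment": QUARANTINE, "allow": False, "reason": "compromised"}
    # Visibility: an unidentified device never reaches a production segment.
    if dev.kind not in SEGMENTS:
        return {"segment": GUEST, "allow": False, "reason": "unknown device"}
    # Segmentation: the device type selects the segment.
    segment = SEGMENTS[dev.kind]
    # Posture: critical data needs a clean OS and a trusted network.
    if criticality == "high" and (dev.os_vulnerable or not dev.trusted_network):
        return {"segment": segment, "allow": False, "reason": "posture"}
    return {"segment": segment, "allow": True, "reason": "policy match"}

def report_incident(inventory: dict, mac: str) -> dict:
    """Mark a device as compromised and return its new decision."""
    dev = inventory.setdefault(mac, Device(mac))
    dev.compromised = True
    return decide(dev)

# Constructed inventory for the example.
INVENTORY = {
    "aa:bb:cc:00:00:01": Device("aa:bb:cc:00:00:01", "camera", os_vulnerable=True),
    "aa:bb:cc:00:00:02": Device("aa:bb:cc:00:00:02", "plc"),
}

if __name__ == "__main__":
    for mac, dev in INVENTORY.items():
        print(mac, decide(dev, "high"))
    print(report_incident(INVENTORY, "aa:bb:cc:00:00:02"))
```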
1.2.2 Threat Prevention
One of the points of failure of IoT devices is that most of them cannot have software vulnerabilities patched, since these devices are designed for ease of operation and the versions of the operating system or the applications they use are usually heavily stripped down.
By installing a Firewall with IPS/IDS capabilities, we can add a security layer that allows us to identify and correct vulnerabilities, ensuring that the weaknesses that these IoT devices may suffer are not going to be exploitable by an attacker.
IPS/IDS and Next Generation Firewalls have evolved to identify, detect and block any threat that occurs on the network. Likewise, they use a very powerful software engine capable of distinguishing illegitimate traffic patterns from legitimate traffic flows within the business environment.
In conclusion, it is a key point to be able to protect computers with known and exploitable vulnerabilities from cybercriminals, reducing the attack surface and correcting the failure points that IoT devices have implicitly.