Threats and security solutions in IoT systems

The internet of things (IoT) is one of the most versatile technologies today. The ubiquity of the internet, increasing network connectivity, and diversity of connected devices make IoT scalable and adaptable. Food production, manufacturing, finance, healthcare and energy are just a few of the industries that IoT has revolutionized, specifically through its extension, the industrial internet of things (IIoT). At the same time, IoT has also led to the realization of smart homes, buildings and even cities.

However, the evolving reality of IoT also means recognizing its possible consequences. For example, in enterprise environments, IoT is often seen in the areas of office automation (OA) and operational technology (OT). This means multiple IoT and IIoT devices are deployed within an organization. Such a setup increases the likelihood of threats occurring in spaces that have not posed a cybersecurity risk before. IoT devices in these common spaces can affect critical systems, such as internal networks and database servers, through the monitoring and data collection capabilities of IoT systems. Therefore, even threats related to seemingly innocuous IoT devices such as smart toilets and smart coffee makers can have a major impact depending on the environment in which they are installed.

Therefore, part of IoT adoption is anticipating what else the technology brings to the environments in which it is being applied – not the least of which are security concerns that could lead to successful attacks on IoT systems and devices.

How does IoT affect security?

Threats to IoT systems and devices translate into greater security risks due to certain characteristics that the underlying technology possesses. These characteristics make IoT environments efficient and effective, but they have the potential to be abused by threat actors.

These characteristics include:

Rich data sources: IoT devices and sensors collect highly granular data from their environments and users. This data is necessary for the IoT environment to function properly. However, this data can have a number of negative cascading effects if not secured or if stolen or compromised.

Connectivity between virtual and physical environments: Many IoT devices are capable of operating based on the data they receive from their respective environments. This capability shortens the gap between virtual and physical systems. But while convenient for users, it can allow cyber threats to move to physical consequences more quickly, thus creating a greater impact.

Complex environments: The increasing convenience and variety of devices leads to complex IoT environments. “Complex” in the context of IoT means that there are enough devices operating in a single IoT environment to enable dynamic interactions among its devices. This complexity expands the capabilities of IoT environments, but at the cost of a larger attack surface.

Centralized architecture: Applying traditional centralized architecture to IoT systems can have a detrimental impact on security. A centralized architecture means that the data collected by each device and sensor will be communicated to a base station. In an enterprise, the primary database may be the same database used by thousands of devices that collect an incredible amount of data. This may be less expensive than separate databases, but it risks presenting a wider attack surface that is intricately connected to a single root.

What are the attack surface areas of IoT?

As part of the Internet of Things project, the Open Web Application Security Project (OWASP) has published a detailed draft list of IoT attack surface areas, or areas within IoT systems and applications where security threats and vulnerabilities may exist. Here is a summary of IoT attack surface areas:

Device: Devices can be the primary means by which attacks are initiated. Device parts that can be exploited are memory, firmware, physical interface, web interface, and network services. Attackers can also take advantage of insecure default settings, outdated components, and insecure update mechanisms, among other things.

Communication channels: Attacks can originate from channels that connect IoT components together. The protocols used in IoT systems can have security issues that can affect the entire system. IoT systems are also vulnerable to cyber attacks such as denial of service (DoS) and spoofing.

Applications and software: Vulnerabilities in web applications and related software for IoT devices can lead to compromised systems. For example, web applications can be exploited to steal user credentials or push malicious firmware updates.

How to secure IoT?

As can be inferred from the above IoT attack surface areas, all major components of IoT systems can be exploited. Therefore, security should be a priority in building and maintaining IoT systems. Regardless of the size or type of environment an IoT system is built in, security needs to be considered from the design stage to better integrate it in every aspect of the system; it is not a mere accessory. In this way, the IoT system, from individual devices to its overall configuration, can be adjusted to be both functional and secure.

Here are some security tips:

All the data that is being collected and the information that is being stored must be accounted for. Each piece of data and information flowing in an IoT system must be mapped accordingly. This refers not only to what is collected by sensors and devices deployed in the environment, but also to any credentials that may be present in automation servers or other IoT applications.

Each device connected to the network needs to be configured with security in mind. Make sure the security settings are in place before connecting the device to the network. This includes using a strong username and password combination, multi-factor authentication, and encryption.

Each device must be physically secured. It is important to also take into account the physical accessibility of IoT devices. If the IoT device itself does not have physical protections against tampering, it should be kept in a confined place or protected with appropriate locks or other tools. For example, IP cameras can be directly tampered with if cybercriminals get access to them. They may be implanted with malicious hardware or software that can cause system errors or spread malware.
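One way to turn the three points above into a check that runs before a device is connected to the network, as an added example that is not part of the original article. The inventory fields (`endpoint`, `data_map`, `tamper_protection`, `locked_location` and so on), the default-credential list and the sample devices are all constructed assumptions.

```python
# Added example: pre-connection gate for IoT devices (all field names are assumptions).
import re

# Constructed list of factory-default credential pairs, for illustration only.
DEFAULT_CREDS = {("admin", "admin"), ("root", "root"), ("admin", "1234")}
PLAINTEXT_SCHEMES = {"http", "mqtt", "telnet", "ftp", "coap"}

def weak_password(pw: str) -> bool:
    """Weak if shorter than 12 chars or missing a lower/upper/digit class."""
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]"]
    return len(pw) < 12 or not all(re.search(c, pw) for c in classes)

def audit_device(dev: dict) -> list[str]:
    """Return the list of reasons this device must not be connected yet."""
    findings = []
    if (dev["username"], dev["password"]) in DEFAULT_CREDS:
        findings.append("default credentials")
    elif weak_password(dev["password"]):
        findings.append("weak password")
    if not dev.get("mfa", False):
        findings.append("no multi-factor authentication")
    scheme = dev["endpoint"].split("://", 1)[0].lower()
    if scheme in PLAINTEXT_SCHEMES:
        findings.append(f"unencrypted transport ({scheme})")
    # Every collected data item and stored credential needs a mapped destination.
    unmapped = sorted(set(dev["collects"]) - set(dev.get("data_map", {})))
    if unmapped:
        findings.append("unmapped data: " + ", ".join(unmapped))
    if not (dev.get("tamper_protection") or dev.get("locked_location")):
        findings.append("no physical protection")
    return findings

# Constructed sample inventory.
INVENTORY = [
    {"name": "lobby-cam", "username": "admin", "password": "admin",
     "endpoint": "http://10.0.0.12/stream", "collects": ["video", "wifi_psk"],
     "data_map": {"video": "nvr-01"}},
    {"name": "hvac-sensor", "username": "svc-hvac", "password": "T7q!mRz2kLw9Xe",
     "mfa": True, "endpoint": "mqtts://broker.example.internal:8883",
     "collects": ["temperature"], "data_map": {"temperature": "tsdb-01"},
     "locked_location": True},
]

def gate(inventory: list[dict]) -> dict[str, list[str]]:
    """Map device name -> findings; an empty list means cleared to connect."""
    return {d["name"]: audit_device(d) for d in inventory}

if __name__ == "__main__":
    for name, findings in gate(INVENTORY).items():
        print(name, "BLOCK" if findings else "OK", findings)
```

A device is cleared only when its findings list is empty; here the camera is blocked on all five checks, including the Wi-Fi key it stores without a mapped destination.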

 

 

 

 
